Linux Netfilter discussions
From: Dr Aldo Medina <aldomedina@hotpop.com>
To: netfilter@lists.netfilter.org
Subject: Test script for P2P
Date: 05 Jun 2003 23:16:44 -0500	[thread overview]
Message-ID: <1054873047.864.211.camel@linuxclient> (raw)

Based on wshaper:

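#!/bin/bash

# MLDonkey Wondershaper
#
# Configuration for the traffic-shaping script below.
# DOWNLINK and UPLINK are link rates in kilobits per second; the script
# passes them to tc with a "kbit" suffix.

DOWNLINK=256
UPLINK=128
DEV=ppp0  # interface that gets shaped
QLEN=30   # Default 3  - passed to "ip link set ... qlen"
RQ=1      # Default 10 - passed to the root htb qdisc as r2q
BURST=30  # Default 6  - burst of the root egress class, in "k" units

# Traffic sent to egress class 12, as whitespace-separated entries of the
# form port/protocol/direction:
#   protocol  - tcp, udp, or "both" (tcp and udp)
#   direction - dport, sport, or "both"
# Each entry must stay on one line: a break inside an entry would split it
# into two malformed words. The value is assembled in two short assignments
# so that mail clients and editors have no reason to wrap it.
CLASS12="http/tcp/both pop3/tcp/dport pop3s/tcp/dport https/tcp/dport"
CLASS12="$CLASS12 8080/tcp/both nntp/tcp/both"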

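# Traffic shaper control: start | stop | restart | status.
#
# Egress on $DEV is shaped with an htb tree (classes 1:10..1:13) selected by
# firewall marks 10..13 that are set in a dedicated mangle chain, WSHAPER.
# Ingress is redirected to imq0 with the IMQ target and shaped there with a
# second htb tree selected by marks 1 and 2.
# NOTE(review): the IMQ target and the imq0 device are presumably provided by
# an out-of-tree kernel/iptables patch - confirm they exist on the target box.
#
# Reads DOWNLINK, UPLINK, DEV, QLEN, RQ, BURST and CLASS12 from the
# configuration section above. Needs root (tc, ip, iptables).

# Set to 1 by try() when any setup command fails.
rc=0

# Run a setup command and remember a failure instead of aborting, so the
# remaining rules are still attempted and the caller can report the outcome.
try() {
  "$@" || rc=1
}

# Run a cleanup command with all output discarded. Failure is expected here
# (the rule or qdisc may simply not exist) and is deliberately ignored.
quiet() {
  "$@" >/dev/null 2>&1
}

# Append one rule to the WSHAPER chain of the mangle table.
# Arguments: the protocol, followed by match options and the target.
egress_mark() {
  try iptables -t mangle -A WSHAPER -p "$@"
}

# Add or delete the ingress rules in mangle PREROUTING.
# Arguments: $1 - runner (try or quiet), $2 - iptables operation (-A or -D).
# Keeping one list for both operations lets "stop" delete exactly the rules
# "start" added, instead of flushing the whole PREROUTING chain.
ingress_rules() {
  local runner=$1 op=$2
  local -a rule=("$runner" iptables -t mangle "$op" PREROUTING -i "$DEV")
  local -a est=(-m state --state ESTABLISHED)

  "${rule[@]}" -j IMQ
  # Mark 1 -> class 10:1
  "${rule[@]}" -p tcp -m tos --tos minimize-delay "${est[@]}" \
    -j MARK --set-mark 1
  "${rule[@]}" -p tcp -m length --length :64 -j MARK --set-mark 1
  # Mark 2 -> class 10:2
  "${rule[@]}" -p tcp --dport 22 "${est[@]}" -j MARK --set-mark 2
  "${rule[@]}" -p tcp --sport 80 --dport 1024: "${est[@]}" \
    -j MARK --set-mark 2
  "${rule[@]}" -p tcp --dport 80 --sport 1024: "${est[@]}" \
    -j MARK --set-mark 2
  "${rule[@]}" -p tcp --sport 443 --dport 1024: "${est[@]}" \
    -j MARK --set-mark 2
  "${rule[@]}" -p tcp --sport pop3 "${est[@]}" -j MARK --set-mark 2
  "${rule[@]}" -p udp --sport domain -j MARK --set-mark 2
  "${rule[@]}" -p icmp -j MARK --set-mark 2
  return 0
}

# Mark the traffic listed in CLASS12 (port/protocol/direction entries) with
# mark 12. Entries that do not parse are reported and skipped rather than
# being turned into an iptables option.
mark_class12() {
  local entry port proto dir p d
  local -a protos dirs

  # shellcheck disable=SC2086 - CLASS12 is a whitespace-separated list
  for entry in $CLASS12; do
    IFS=/ read -r port proto dir <<<"$entry"

    case "$proto" in
      both) protos=(tcp udp) ;;
      '') protos=() ;;
      *) protos=("$proto") ;;
    esac
    case "$dir" in
      both) dirs=(dport sport) ;;
      dport | sport) dirs=("$dir") ;;
      *) dirs=() ;;
    esac

    if [[ -z "$port" || ${#protos[@]} -eq 0 || ${#dirs[@]} -eq 0 ]]; then
      printf 'wshaper: skipping malformed CLASS12 entry: %s\n' "$entry" >&2
      rc=1
      continue
    fi

    for p in "${protos[@]}"; do
      for d in "${dirs[@]}"; do
        egress_mark "$p" "--$d" "$port" -j MARK --set-mark 12
      done
    done
  done
}

# Remove everything this script installs. Safe to call when nothing is
# installed. Only the script's own rules are deleted: mangle PREROUTING is
# not flushed, so rules placed there by other tools survive stop/restart.
wshaper_teardown() {
  quiet iptables -t mangle -D POSTROUTING -o "$DEV" -j WSHAPER
  # Not added by start; kept from the original stop sequence, harmless
  # when the rule is absent.
  quiet iptables -t mangle -D PREROUTING -i "$DEV" -j WSHAPER
  ingress_rules quiet -D
  quiet iptables -t mangle -F WSHAPER
  quiet iptables -t mangle -X WSHAPER

  quiet tc qdisc del dev "$DEV" root
  quiet tc qdisc del dev "$DEV" ingress
  quiet tc qdisc del dev imq0 root
  return 0
}

# Install the egress and ingress shaping.
# Returns: 0 when every command succeeded, 1 otherwise.
wshaper_start() {
  # Both trees are capped 2 kbit below the configured link rate, as in the
  # original script.
  local up=$((UPLINK - 2)) down=$((DOWNLINK - 2))
  local id host

  rc=0
  # Start from a clean state so a repeated "start" does not stack duplicate
  # rules or fail on an existing WSHAPER chain.
  wshaper_teardown

  # --- egress: htb tree on $DEV -------------------------------------------
  try ip link set dev "$DEV" qlen "$QLEN"
  try tc qdisc add dev "$DEV" root handle 1: htb r2q "$RQ" default 13

  try tc class add dev "$DEV" parent 1: classid 1:1 htb \
    rate "${up}kbit" ceil "${up}kbit" burst "${BURST}k"
  try tc class add dev "$DEV" parent 1:1 classid 1:10 htb \
    rate "$((up * 17 / 100))kbit" ceil "${up}kbit" prio 2
  try tc class add dev "$DEV" parent 1:1 classid 1:11 htb \
    rate "$((up * 40 / 100))kbit" ceil "${up}kbit" prio 0
  try tc class add dev "$DEV" parent 1:1 classid 1:12 htb \
    rate "$((up * 40 / 100))kbit" ceil "${up}kbit" prio 1
  try tc class add dev "$DEV" parent 1:1 classid 1:13 htb \
    rate 1kbit ceil "${up}kbit" prio 3

  for id in 10 11 12 13; do
    try tc qdisc add dev "$DEV" parent "1:$id" handle "$id:" sfq perturb 10
  done

  # Firewall mark N selects class 1:N; filter prio runs 0..3 for 10..13.
  for id in 10 11 12 13; do
    try tc filter add dev "$DEV" parent 1:0 prio "$((id - 10))" \
      protocol ip handle "$id" fw flowid "1:$id"
  done

  # --- egress: marks ------------------------------------------------------
  try iptables -t mangle -N WSHAPER
  try iptables -t mangle -I POSTROUTING -o "$DEV" -j WSHAPER

  # MARK does not end chain traversal, so when several rules match a packet
  # the last one decides its mark. Rule order below is therefore significant.

  # Class 10
  egress_mark tcp -m length --length :64 -j MARK --set-mark 10 ## ACKs

  # egress_mark tcp -p tcp --tcp-flags ACK -j MARK --set-mark 10

  # Class 11
  egress_mark tcp --dport ssh -j MARK --set-mark 11 ## SSH
  egress_mark tcp --sport ssh -j MARK --set-mark 11
  egress_mark icmp -j MARK --set-mark 11 ## ICMP
  egress_mark udp --dport domain -j MARK --set-mark 11 ## DNS
  # LAN hosts: linuxclient, linuxlaptop, compaqlaptop
  for host in 192.168.0.2 192.168.0.3 192.168.0.4; do
    egress_mark all --source "$host" -j MARK --set-mark 11
    egress_mark all --destination "$host" -j MARK --set-mark 11
  done

  # Class 12
  mark_class12

  # Class 13 default
  egress_mark udp --sport 4660:4670 -j MARK --set-mark 13
  egress_mark udp --dport 4660:4670 -j MARK --set-mark 13
  egress_mark tcp --sport 4660:4670 -j MARK --set-mark 13
  egress_mark tcp --dport 4660:4670 -j MARK --set-mark 13
  egress_mark udp --dport 8948 -j MARK --set-mark 13
  egress_mark tcp --dport 8948 -j MARK --set-mark 13
  egress_mark udp --sport 8948 -j MARK --set-mark 13
  egress_mark tcp --sport 8948 -j MARK --set-mark 13

  # --- ingress: htb tree on imq0 ------------------------------------------
  try tc qdisc add dev imq0 handle 1: root htb default 1
  try tc class add dev imq0 parent 1: classid 1:1 htb rate "${down}kbit"
  try tc qdisc add dev imq0 parent 1:1 handle 10: htb default 5
  try tc class add dev imq0 parent 10: classid 10:1 htb \
    rate "$((down * 10 / 100))kbit" ceil "${down}kbit" burst 30k prio 1
  try tc class add dev imq0 parent 10: classid 10:2 htb \
    rate "$((down * 70 / 100))kbit" ceil "${down}kbit" burst 30k prio 2
  try tc class add dev imq0 parent 10: classid 10:5 htb \
    rate "$((down * 20 / 100))kbit" ceil "${down}kbit" prio 3
  try tc qdisc add dev imq0 parent 10:1 handle 21:0 pfifo
  try tc qdisc add dev imq0 parent 10:2 handle 22:0 sfq
  try tc qdisc add dev imq0 parent 10:5 handle 23:0 sfq
  try tc filter add dev imq0 protocol ip pref 1 parent 10: \
    handle 1 fw classid 10:1
  try tc filter add dev imq0 protocol ip pref 2 parent 10: \
    handle 2 fw classid 10:2

  ingress_rules try -A
  try ip link set imq0 up

  if ((rc != 0)); then
    # Do not claim success when tc/ip/iptables rejected part of the setup.
    echo "wshaper: one or more commands failed; shaping is incomplete" >&2
    return 1
  fi
  echo "wshaper started"
}

case "${1:-}" in
  start)
    wshaper_start
    ;;
  stop)
    wshaper_teardown
    echo "wshaper stopped"
    ;;
  restart)
    "$0" stop
    "$0" start
    ;;
  status)
    # print anything interesting
    echo "[qdisc]"
    tc -s qdisc show dev "$DEV"
    echo "[class]"
    tc -s class show dev "$DEV"
    echo "[iptables]"
    iptables -t mangle -L WSHAPER -xnv
    echo "[imq]"
    tc -s qdisc show dev imq0
    tc -s class show dev imq0
    exit
    ;;
  *)
    echo "Usage: $0 {start|stop|restart|status}"
    ;;
esac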

Any opinions? I'm particularly interested in the values for variables
QLEN, RQ and BURST.




