>Ja mam taki pomysl moze ktos zapoda jeden a dobrze = popracujmy nad jednym a dobrym gotowcem wlozmy gdzies go na stronke i = miejmy juz to wszystko z glowy ?
wydaje mi sie że to prawidłowo działa tylko to = jest skrypt priorytetujący usługi ale łatwo go można przerobić = na per user
a tak przy okazji chetnie uslysze jakies sugestie lub =
krytyki
na temat poniższego rozwiązania
----- cut -------
#!/bin/bash
DEV=eth0
RATEUP=500
if [ "$1" = "status" ]
then
echo "[qdisc]"
tc -s qdisc show dev $DEV
echo "[class]"
tc -s class show dev $DEV
echo "[filter]"
tc -s filter show dev $DEV
echo "[iptables]"
iptables -t mangle -L MYSHAPER-OUT =
-v -x 2> /dev/null
iptables -t mangle -L MYSHAPER-IN =
-v -x 2> /dev/null
exit
fi
tc qdisc del dev $DEV root 2> /dev/null > =
/dev/null
iptables -t mangle -D POSTROUTING -o $DEV -j =
MYSHAPRER-OUT 2> /dev/null > /dev/null
iptables -t mangle -F MYSHAPER-OUT 2> /dev/null =
> /dev/null
iptables -t mangle -X MYSHAPER-OUT 2> /dev/null =
> /dev/null
iptables -t mangle -F MYSHAPER-IN 2> /dev/null =
> /dev/null
iptables -t mangle -X MYSHAPER-IN 2> /dev/null =
> /dev/null
if [ "$1" = "stop" ]
then
echo "Shaping removed on =
$DEV."
exit
fi
ip link set dev $DEV qlen 30
ip link set dev $DEV mtu 1000
tc qdisc add dev $DEV root handle 1: htb default =
26
tc class add dev $DEV parent 1: classid 1:1 htb rate =
${RATEUP}kbit
tc class add dev $DEV parent 1:1 classid 1:20 htb rate =
$[$RATEUP/7]kbit ceil ${RATEUP}kbit prio 0
tc class add dev $DEV parent 1:1 classid 1:21 htb =
rate $[$RATEUP/7]kbit ceil ${RATEUP}kbit prio 1
tc class add dev $DEV parent 1:1 classid 1:22 htb =
rate $[$RATEUP/7]kbit ceil ${RATEUP}kbit prio 2
tc class add dev $DEV parent 1:1 classid 1:23 htb =
rate $[$RATEUP/7]kbit ceil ${RATEUP}kbit prio 3
tc class add dev $DEV parent 1:1 classid 1:24 htb =
rate $[$RATEUP/7]kbit ceil ${RATEUP}kbit prio 4
tc class add dev $DEV parent 1:1 classid 1:25 htb =
rate $[$RATEUP/7]kbit ceil ${RATEUP}kbit prio 5
tc class add dev $DEV parent 1:1 classid 1:26 htb =
rate $[$RATEUP/7]kbit ceil ${RATEUP}kbit prio 6
tc qdisc add dev $DEV parent 1:20 handle 20: sfq =
perturb 10
tc qdisc add dev $DEV parent 1:21 handle 21: sfq =
perturb 10
tc qdisc add dev $DEV parent 1:22 handle 22: sfq =
perturb 10
tc qdisc add dev $DEV parent 1:23 handle 23: sfq =
perturb 10
tc qdisc add dev $DEV parent 1:24 handle 24: sfq =
perturb 10
tc qdisc add dev $DEV parent 1:25 handle 25: sfq =
perturb 10
tc qdisc add dev $DEV parent 1:26 handle 26: sfq =
perturb 10
tc filter add dev $DEV parent 1:0 prio 0 protocol ip =
handle 20 fw flowid 1:20
tc filter add dev $DEV parent 1:0 prio 1 protocol ip =
handle 21 fw flowid 1:21
tc filter add dev $DEV parent 1:0 prio 2 protocol ip =
handle 22 fw flowid 1:22
tc filter add dev $DEV parent 1:0 prio 3 protocol ip =
handle 23 fw flowid 1:23
tc filter add dev $DEV parent 1:0 prio 4 protocol ip =
handle 24 fw flowid 1:24
tc filter add dev $DEV parent 1:0 prio 5 protocol ip =
handle 25 fw flowid 1:25
tc filter add dev $DEV parent 1:0 prio 8 protocol ip =
handle 26 fw flowid 1:26
iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -A POSTROUTING -o $DEV -j =
MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -p tcp --sport =
0:1024 -j MARK --set-mark 24
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport =
0:1024 -j MARK --set-mark 24
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 20 =
-j MARK --set-mark 26
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport =
5190 -j MARK --set-mark 23 #ICQ
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport =
8074 -j MARK --set-mark 23 #GG
iptables -t mangle -A MYSHAPER-OUT -p icmp -j MARK =
--set-mark 20
iptables -t mangle -A MYSHAPER-OUT -p udp -j MARK =
--set-mark 21
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport ssh =
-j MARK --set-mark 22
iptables -t mangle -A MYSHAPER-OUT -p tcp --sport ssh =
-j MARK --set-mark 22
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport =
telnet -j MARK --set-mark 22
iptables -t mangle -A MYSHAPER-OUT -p tcp --sport =
telnet -j MARK --set-mark 22
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport =
6667 -j MARK --set-mark 23
iptables -t mangle -A MYSHAPER-OUT -p tcp -m length =
--length :64 -j MARK --set-mark 21
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport =
410:412 -j MARK --set-mark 26
----- cut ------