TS HTB MANGLE
Version vom 1. Oktober 2014, 09:23 Uhr von Thomas (Diskussion | Beiträge)
- !/bin/bash
UPLINK=100 DOWNLINK=8 DEV=eth1 case $1 in start)
echo delete mangle
iptables -t mangle -F
echo delete qdisc
tc qdisc del dev $DEV root 2> /dev/null > /dev/null
tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null
echo set mangle tables
iptables -A POSTROUTING -t mangle -o $DEV -p tcp -m length --length :64 -j MARK --set-mark 10
iptables -A POSTROUTING -t mangle -o $DEV -p icmp -j MARK --set-mark 10
iptables -A POSTROUTING -t mangle -o $DEV -m tos --tos 0x10 -j MARK --set-mark 10
tc qdisc add dev $DEV root handle 1: htb default 30
tc class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}mbit
tc class add dev $DEV parent 1:1 classid 1:10 htb rate $[50*UPLINK/100]mbit ceil ${UPLINK}mbit burst 6k prio 1
tc class add dev $DEV parent 1:1 classid 1:20 htb rate $[30*UPLINK/100]mbit ceil ${UPLINK}mbit burst 6k prio 2
tc class add dev $DEV parent 1:1 classid 1:30 htb rate $[20*UPLINK/100]mbit ceil ${UPLINK}mbit burst 6k prio 3
tc class add dev $DEV parent 1:1 classid 1:40 htb rate $[10*UPLINK/100]mbit ceil ${UPLINK}mbit burst 6k prio 4
tc filter add dev $DEV protocol ip parent 1:0 prio 1 handle 10 fw flowid 1:10
tc filter add dev $DEV protocol ip parent 1:0 prio 2 handle 20 fw flowid 1:20
tc filter add dev $DEV protocol ip parent 1:0 prio 3 handle 30 fw flowid 1:30
tc filter add dev $DEV protocol ip parent 1:0 prio 4 handle 40 fw flowid 1:40
tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev $DEV parent 1:30 handle 30: sfq perturb 10
tc qdisc add dev $DEV parent 1:40 handle 40: sfq perturb 10
echo ingress qdisc
tc qdisc add dev $DEV handle ffff: ingress
echo ingres filter
tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${DOWNLINK}mbit burst 10k drop flowid :1
stop)
echo delete mangle iptables -t mangle -F echo delete qdisc tc qdisc del dev $DEV root 2> /dev/null > /dev/null tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null
status)
tc -s qdisc ls dev $DEV tc -s class ls dev $DEV
esac