Want more features on Pastebin? Sign Up, it's FREE!
Public Pastes
Guest

Untitled

By: a guest on Jan 10th, 2010  |  syntax: Bash  |  size: 1.13 KB  |  views: 56  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. #!/bin/bash
  2. /sbin/modprobe ifb
  3. /sbin/modprobe sch_netem
  4. #!/bin/bash
  5. #set 12345 to your server port.
  6. /sbin/modprobe ifb
  7. /sbin/modprobe sch_netem
  8. /sbin/modprobe sch_ingress
  9.  
  10. /sbin/tc qdisc add dev eth0 ingress
  11. /sbin/ip link set dev ifb0 up
  12. /sbin/tc filter add dev eth0 parent ffff: protocol ip prio 10 u32 match ip protocol 6 0xff  match u8 0x04 0x07 at 33 flowid 1:1   action mirred egress redirect dev ifb0
  13. /sbin/tc qdisc add dev ifb0 root netem delay 1000ms
  14.  
  15. #Rate limit syn packets by ip address to triage the jamed peers.
  16. /sbin/iptables -I MOBLOCK_IN -p tcp --dport 12345 -i eth0 -m state --state NEW -m recent --set
  17. /sbin/iptables -I MOBLOCK_IN -p tcp --dport 12345 -i eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 1 -j DROP
  18.  
  19. ### test by filtering ICMP (ping) through delayer
  20. #/sbin/tc filter add dev eth0 parent ffff: protocol ip prio 10 u32 match ip protocol 1 0xff flowid 1:1 action mirred egress redirect dev ifb0
  21. ### oh you wanted to stop filtering pings too?
  22. #/sbin/tc filter del dev eth0 parent ffff: protocol ip prio 10 u32 match ip protocol 1 0xff flowid 1:1 action mirred egress redirect dev ifb0
clone this paste RAW Paste Data