API tools faq
paste
Advertisement
Guest User

nbolton

a guest
Dec 5th, 2009
2,586
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.62 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/bash
  2.  
  3. #set -v
  4.  
  5. if [ $(whoami) != "root" ]; then
  6. echo "should be root"
  7. exit
  8. fi
  9.  
  10. # crontab doesn't look in /sbin
  11. tc=/sbin/tc
  12.  
  13. # devices (up and down)
  14. # traffic is routed in to eth1, and out of eth0
  15. dev_dn=eth0
  16. dev_up=eth1
  17.  
  18. # special filter ip's
  19. sv_ips=("192.168.20.10" "192.168.20.1") # sv-1, rt-1
  20. ws_ips=("192.168.20.106" "192.168.20.102") # ws-1, ws-4
  21. hb_ips=(
  22. "212.58.224.0/19" "213.120.0.0/14" # bbc iplayer servers
  23. "87.248.212.0/24" # windows update
  24. "168.143.161.20" # twirl (uses twitter)
  25. )
  26.  
  27. # throttle speeds (default)
  28. up_kbit=500 # internet upload
  29. dn_kbit=8000 # internet download
  30. local_mbit=100 # static lan speed
  31.  
  32. # do not turn off by default
  33. off=0
  34.  
  35. # allow us to override defaults
  36. while getopts ":d:u:o?" opt
  37. do
  38. case $opt in
  39. d) dn_kbit=$OPTARG ;;
  40. u) up_kbit=$OPTARG ;;
  41. o) off=1 ;;
  42. *) echo "qos-on [-d dn_kbit|-u up_kbit|-o]" ; exit;
  43. esac
  44. done
  45.  
  46. # upload classes
  47. # burst is for web page requests
  48. up_c1="htb \
  49. rate ${up_kbit}kbit \
  50. ceil ${up_kbit}kbit \
  51. prio 1"
  52. up_c2="htb \
  53. rate $[8*$up_kbit/10]kbit \
  54. ceil ${up_kbit}kbit \
  55. burst 100k \
  56. prio 2"
  57. up_c3="htb \
  58. rate $[4*$up_kbit/10]kbit \
  59. ceil ${up_kbit}kbit \
  60. burst 50k \
  61. prio 3"
  62.  
  63. # download classes
  64. # burst is for web page responses
  65. dn_c1="htb \
  66. rate ${dn_kbit}kbit \
  67. ceil ${dn_kbit}kbit \
  68. prio 1"
  69. dn_c2="htb \
  70. rate $[8*$dn_kbit/10]kbit \
  71. ceil ${dn_kbit}kbit \
  72. burst 300k \
  73. prio 2"
  74. dn_c3="htb \
  75. rate $[6*$dn_kbit/10]kbit \
  76. ceil ${dn_kbit}kbit \
  77. burst 200k \
  78. prio 3"
  79. dn_c4="htb \
  80. rate $[4*$dn_kbit/10]kbit \
  81. ceil ${dn_kbit}kbit \
  82. burst 100k \
  83. prio 4"
  84. dn_c5="htb \
  85. rate $[2*$dn_kbit/10]kbit \
  86. ceil ${dn_kbit}kbit \
  87. prio 5"
  88.  
  89. echo -e "\n"`date`
  90.  
  91. # print some debug info
  92. if [ $off -eq 0 ]; then
  93. echo "upload..."
  94. echo " 1: $up_c1"
  95. echo " 2: $up_c2"
  96. echo " 3: $up_c3"
  97. echo "download..."
  98. echo " 1: $dn_c1"
  99. echo " 2: $dn_c2"
  100. echo " 3: $dn_c3"
  101. echo " 4: $dn_c4"
  102. echo " 5: $dn_c5"
  103. else
  104. echo "disabling..."
  105. fi
  106.  
  107. # reset all devs
  108. $tc qdisc del dev $dev_up root 2> /dev/null
  109. $tc qdisc del dev $dev_dn root 2> /dev/null
  110.  
  111. if [ $off -eq 1 ]; then
  112. exit
  113. fi
  114.  
  115. # add a handle with default flow
  116. $tc qdisc add dev $dev_up root handle 1: htb default 30
  117. $tc qdisc add dev $dev_dn root handle 2: htb default 40
  118.  
  119. $tc class add dev $dev_up parent 1: classid 1:1 htb rate ${up_kbit}kbit ceil ${up_kbit}kbit
  120. $tc class add dev $dev_dn parent 2: classid 2:1 htb rate ${dn_kbit}kbit ceil ${dn_kbit}kbit
  121.  
  122. # internet upload
  123. $tc class add dev $dev_up parent 1:1 classid 1:10 $up_c1
  124. $tc class add dev $dev_up parent 1:1 classid 1:20 $up_c2
  125. $tc class add dev $dev_up parent 1:1 classid 1:30 $up_c3
  126. $tc qdisc add dev $dev_up parent 1:10 handle 10: sfq perturb 10
  127. $tc qdisc add dev $dev_up parent 1:20 handle 20: sfq perturb 10
  128. $tc qdisc add dev $dev_up parent 1:30 handle 30: sfq perturb 10
  129.  
  130. # internet download
  131. $tc class add dev $dev_dn parent 2:1 classid 2:10 $dn_c1
  132. $tc class add dev $dev_dn parent 2:1 classid 2:20 $dn_c2
  133. $tc class add dev $dev_dn parent 2:1 classid 2:30 $dn_c3
  134. $tc class add dev $dev_dn parent 2:1 classid 2:40 $dn_c4
  135. $tc class add dev $dev_dn parent 2:1 classid 2:50 $dn_c5
  136. $tc qdisc add dev $dev_dn parent 2:10 handle 10: sfq perturb 10
  137. $tc qdisc add dev $dev_dn parent 2:20 handle 20: sfq perturb 10
  138. $tc qdisc add dev $dev_dn parent 2:30 handle 30: sfq perturb 10
  139. $tc qdisc add dev $dev_dn parent 2:40 handle 40: sfq perturb 10
  140. $tc qdisc add dev $dev_dn parent 2:50 handle 50: sfq perturb 10
  141.  
  142. # lan up/down (we don't want to limit this)
  143. $tc class add dev $dev_dn parent 2:1 classid 2:5 htb rate ${local_mbit}mbit
  144. $tc qdisc add dev $dev_dn parent 2:5 handle 5: sfq perturb 10
  145.  
  146. u32_up="$tc filter add dev $dev_up protocol ip parent 1:0 prio 1 u32"
  147. u32_dn="$tc filter add dev $dev_dn protocol ip parent 2:0 prio 1 u32"
  148.  
  149. # lan traffic (up and down goes via eth1)
  150. for ip in ${sv_ips[*]}; do
  151. $u32_dn match ip src $ip flowid 2:5
  152. done
  153.  
  154. # ssh and icmp - very high up and down
  155. $u32_up match ip tos 0x10 0xff flowid 1:10
  156. $u32_up match ip protocol 1 0xff flowid 1:10
  157. $u32_dn match ip tos 0x10 0xff flowid 2:20
  158. $u32_dn match ip protocol 1 0xff flowid 2:20
  159.  
  160. # ack - fairly high (but it does use a lot of bw)
  161. $u32_up \
  162. match ip protocol 6 0xff \
  163. match u8 0x05 0x0f at 0 \
  164. match u16 0x0000 0xffc0 at 2 \
  165. match u8 0x10 0xff at 33 \
  166. flowid 1:20
  167.  
  168. # cap heavy downloading (before workstations)
  169. for ip in ${hb_ips[*]}; do
  170. $u32_dn match ip src $ip flowid 2:50
  171. done
  172.  
  173. # high prio workstations's (left over traffic)
  174. for ip in ${ws_ips[*]}; do
  175. $u32_dn match ip dst $ip flowid 2:30
  176. done
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!