Forum Debian Users Gang

kaik1 · 2006-11-29 05:03:48

Witam. Mam problem z proxy. Mianowicie po jego zainstalowaniu HTB nie dzieli mi uploadu. Czy wie ktoś czemu tak się dzieje ???

Nickleodeon · 2006-11-29 06:56:48

... HTB nie dzieli mi uploadu...

Pokaz mi jak markujesz pakiety - mozliwa przyczyna to blad w markowaniu pakietow...

zlyZwierz · 2006-11-29 07:45:32

Dzieje się tak dlatego, że ruch z/do proxy to ruch lokalny routera , a Ty ograniczasz tylko ruch PRZECHODZĄCY PRZEZ router.

Jak wyzej - pokaż jak to (HTB) robisz.

kaik1 · 2006-11-29 14:30:24

Kod:

#!/bin/bash

INTERNET=eth1
SIEC=eth0

# Tutaj ustalamy dynamiczny gwarantowany oraz max DOWNLOAD i UPLOAD w kbit dla kazdego ip wymienionego powyzej #
GD=128    # gwarantowany download
MD=256    # maxymalny downloadu
GU=24     # gwarantowany upload
MU=32     # maxymalny upload

# Tutaj ustalamy przepustowosc karty sieciowej(K) oraz max download(M) w kbit od strony karty do sieci wew #
K=99000
M=99000

# Podaj przepustowosc lacza (D)-Download (U)-Upload w kbit #
D=1024
U=256

### Ponizej podaj network sieci bez ostatniej cyferki np: ###
LAN=192.168.0
### Ponizej podaj IP karty wewnetrznej dla sieci np: ###
HOST1=192.168.0.1
### Teraz adresy IP ktore HTB ma wlaczyc do podzialu ###
HOST2=${LAN}.2
HOST3=${LAN}.3
HOST4=${LAN}.4
HOST5=${LAN}.5
HOST6=${LAN}.6
HOST7=${LAN}.7
HOST8=${LAN}.8
HOST9=${LAN}.9
HOST10=${LAN}.10
HOST11=${LAN}.11
HOST12=${LAN}.12
HOST13=${LAN}.13
HOST14=${LAN}.14
HOST15=${LAN}.15
HOST16=${LAN}.16
HOST17=${LAN}.17
HOST18=${LAN}.18

if [ "$1" == "stop" ]
then
echo "HTB zostalo zatrzymane"
tc qdisc del root dev $SIEC 2>/dev/null
tc qdisc del root dev $INTERNET 2>/dev/null
iptables -t mangle -D POSTROUTING -o $INTERNET -j HTB-OUT 2>/dev/null
iptables -t mangle -F HTB-OUT 2>/dev/null
iptables -t mangle -X HTB-OUT 2>/dev/null
exit
fi
if [ "$1" == "start" ]
then
echo "HTB zostalo wlaczone"
tc qdisc del root dev $SIEC 2>/dev/null
tc qdisc del root dev $INTERNET 2>/dev/null
iptables -t mangle -D POSTROUTING -o $INTERNET -j HTB-OUT 2>/dev/null
iptables -t mangle -F HTB-OUT 2>/dev/null
iptables -t mangle -X HTB-OUT 2>/dev/null

###DOWNLOAD###
tc qdisc add dev $SIEC root handle 1:0 htb

tc class add dev $SIEC parent 1:0 classid 1:1 htb rate ${K}kbit ceil ${K}kbit

tc class add dev $SIEC parent 1:1 classid 1:2 htb rate ${D}kbit ceil ${D}kbit quantum 1500
tc class add dev $SIEC parent 1:1 classid 1:3 htb rate ${K}kbit ceil ${K}kbit quantum 1500

# tutaj ustalamy porty ktore maja miec wyzszy lub nizszy priorytet
tc filter add dev $SIEC protocol ip parent 1:0 prio 1 u32 match ip sport 139 0xffff flowid 1:2
tc filter add dev $SIEC protocol ip parent 1:0 prio 1 u32 match ip sport 135 0xffff flowid 1:2
tc filter add dev $SIEC protocol ip parent 1:0 prio 1 u32 match ip sport 110 0xffff flowid 1:2
tc filter add dev $SIEC protocol ip parent 1:0 prio 1 u32 match ip sport 25 0xffff flowid 1:2
tc filter add dev $SIEC protocol ip parent 1:0 prio 1 u32 match ip sport 23 0xffff flowid 1:2

tc class add dev $SIEC parent 1:3 classid 1:101 htb rate 800kbit ceil ${M}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:102 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:103 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:104 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:105 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:106 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:107 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:108 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:109 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:110 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:111 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:112 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:113 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:114 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:115 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:116 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500
tc class add dev $SIEC parent 1:2 classid 1:117 htb rate ${GD}kbit ceil ${MD}kbit quantum 1500


tc filter add dev $SIEC protocol ip preference 1 parent 1:0 u32 match ip src $HOST1 flowid 1:101

tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST2 flowid 1:102 
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST3 flowid 1:103
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST4 flowid 1:104
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST5 flowid 1:105 
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST6 flowid 1:106
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST7 flowid 1:107
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST8 flowid 1:108 
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST9 flowid 1:109
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST10 flowid 1:110 
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST11 flowid 1:111 
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST12 flowid 1:112
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST13 flowid 1:113 
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST14 flowid 1:114 
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST15 flowid 1:115 
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST16 flowid 1:116
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST17 flowid 1:117 
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST18 flowid 1:118  
tc filter add dev $SIEC protocol ip preference 2 parent 1:0 u32 match ip dst $HOST19 flowid 1:119 

tc qdisc add dev $SIEC parent 1:101 handle 301:0 sfq perturb 10

tc qdisc add dev $SIEC parent 1:102 handle 302:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:103 handle 303:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:104 handle 304:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:105 handle 305:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:106 handle 306:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:107 handle 307:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:108 handle 308:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:109 handle 309:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:110 handle 310:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:111 handle 311:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:112 handle 312:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:113 handle 313:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:114 handle 314:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:115 handle 315:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:116 handle 316:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:117 handle 317:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:118 handle 318:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:119 handle 319:0 sfq perturb 10
tc qdisc add dev $SIEC parent 1:120 handle 320:0 sfq perturb 10

###Upload###
tc qdisc add dev $INTERNET root handle 1:0 htb
tc class add dev $INTERNET parent 1:0 classid 1:1 htb rate ${U}kbit ceil ${U}kbit quantum 576

tc class add dev $INTERNET parent 1:1 classid 1:102 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:103 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:104 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:105 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:106 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:107 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:108 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:109 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:110 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:111 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:112 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:113 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:114 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:115 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:116 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:117 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:118 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:119 htb rate ${GU}kbit ceil ${MU}kbit quantum 576
tc class add dev $INTERNET parent 1:1 classid 1:120 htb rate ${GU}kbit ceil ${MU}kbit quantum 576

tc qdisc add dev $INTERNET parent 1:102 handle 302:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:103 handle 303:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:104 handle 304:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:105 handle 305:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:106 handle 306:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:107 handle 307:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:108 handle 308:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:109 handle 309:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:110 handle 310:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:111 handle 311:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:112 handle 312:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:113 handle 313:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:114 handle 314:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:115 handle 315:0 sfq perturb 10
tc qdisc add dev $INTERNET parent 1:116 handle 316:0 sfq perturb 10

tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 2 fw flowid 1:102
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 3 fw flowid 1:103
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 4 fw flowid 1:104
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 5 fw flowid 1:105
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 6 fw flowid 1:106
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 7 fw flowid 1:107
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 8 fw flowid 1:108
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 9 fw flowid 1:109
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 10 fw flowid 1:110
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 11 fw flowid 1:111
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 12 fw flowid 1:112
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 13 fw flowid 1:113
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 14 fw flowid 1:114
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 15 fw flowid 1:115
tc filter add dev $INTERNET protocol ip preference 1 parent 1:0 handle 16 fw flowid 1:116

iptables -t mangle -N HTB-OUT
iptables -t mangle -I POSTROUTING -o $INTERNET -j HTB-OUT
iptables -t mangle -A HTB-OUT -s $HOST2 -j MARK --set-mark 2
iptables -t mangle -A HTB-OUT -s $HOST3 -j MARK --set-mark 3
iptables -t mangle -A HTB-OUT -s $HOST4 -j MARK --set-mark 4
iptables -t mangle -A HTB-OUT -s $HOST5 -j MARK --set-mark 5
iptables -t mangle -A HTB-OUT -s $HOST6 -j MARK --set-mark 6
iptables -t mangle -A HTB-OUT -s $HOST7 -j MARK --set-mark 7
iptables -t mangle -A HTB-OUT -s $HOST8 -j MARK --set-mark 8
iptables -t mangle -A HTB-OUT -s $HOST9 -j MARK --set-mark 9
iptables -t mangle -A HTB-OUT -s $HOST10 -j MARK --set-mark 10
iptables -t mangle -A HTB-OUT -s $HOST11 -j MARK --set-mark 11
iptables -t mangle -A HTB-OUT -s $HOST12 -j MARK --set-mark 12
iptables -t mangle -A HTB-OUT -s $HOST13 -j MARK --set-mark 13
iptables -t mangle -A HTB-OUT -s $HOST14 -j MARK --set-mark 14
iptables -t mangle -A HTB-OUT -s $HOST15 -j MARK --set-mark 15
iptables -t mangle -A HTB-OUT -s $HOST16 -j MARK --set-mark 16

exit
fi
if [ "$1" == "status" ]
then
echo "$SIEC: "
tc -s qdisc show dev $SIEC
echo "$INTERNET: "
tc -s qdisc show dev $INTERNET
exit
fi
echo "$0 start|stop|status"

zlyZwierz · 2006-11-29 14:33:35

zło

kaik1 · 2006-11-30 14:54:00

Dzieje się tak dlatego, że ruch z/do proxy to ruch lokalny routera , a Ty ograniczasz tylko ruch PRZECHODZĄCY PRZEZ router.

W takim razie co mam zrobić zeby było ok ???

pasqdnik · 2006-11-30 19:45:49

zło

Powinna powstać "forumowa" witryna w stylu bash.org.pl
:D

Forum Debian Users Gang

Ogłoszenie

#1 2006-11-29 05:03:48

kaik1 - Nowy użytkownik

Proxy i Upload

#2 2006-11-29 06:56:48

Nickleodeon - Członek DUG

Re: Proxy i Upload

#3 2006-11-29 07:45:32

zlyZwierz - Moderator

Re: Proxy i Upload

#4 2006-11-29 14:30:24

kaik1 - Nowy użytkownik

Re: Proxy i Upload

Kod:

#5 2006-11-29 14:33:35

zlyZwierz - Moderator

Re: Proxy i Upload

#6 2006-11-30 14:54:00

kaik1 - Nowy użytkownik

Re: Proxy i Upload

#7 2006-11-30 19:45:49

pasqdnik - Pijak ;-P

Re: Proxy i Upload

Stopka forum