Nie jesteś zalogowany.
Jeśli nie posiadasz konta, zarejestruj je już teraz! Pozwoli Ci ono w pełni korzystać z naszego serwisu. Spamerom dziękujemy!
Prosimy o pomoc dla małej Julki — przekaż 1% podatku na Fundacji Dzieciom zdazyć z Pomocą.
Więcej informacji na dug.net.pl/pomagamy/.
Witam
Mam takie pytanie czy da sie zrobic(pewnie sie da) kolejkowanie ze wzgledu na uslugi(priorytety dla klas www itp) i ip (sztywne przypisanie transferu up i down).
Walcze z tym od kilku dni i jakos nie osiagnelem zamiezonego celu mianowice gdy zaczynam kolekowac po uslugach to kolejkowanie po ip lezy.
Prosze o jakies wskazowki.
Pozdrawiam
Offline
musiałbyś dla każdego usera zrobić nowe filtry, które mu usługi podpinają w odpowiednich kolejkach do jego kolejki głównej.
(tak mi się przynajmniej wydaje)
Offline
Witam
Nawiazujac do mojego pytania szafnolem skrypt kolejkujacy mniejwiecej realizujacy to co zamierzylem.
Testuje go wlasnie na 40os sieci i jak na razie calkiem calkiem, pingi w szczycie w miare, ponizej 50ms na swiat ale to wina dsl'a pewnie, stronki furcza voipy smigaja no i p2p daje az milo.
Wszelka krytyka mile widziana.
#!/bin/bash
# --------------------------------------------------
echo "iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark" >> /root/shape
echo "iptables -t mangle -A PREROUTING -m mark ! --mark 0 -j ACCEPT" >> /root/shape
IF_WORLD="eth0"
IF_LAN="eth1"
LAN_IP=192.168.0.0/24
# --------------------------------------------------
UPLINK_LAN="99000kbit"
UPLINK_WORLD="600kbit"
UPLINK_WORLD_SIP="100kbit"
UPLINK_WORLD_SIP_="600kbit"
UPLINK_WORLD_INTERACT="200kbit"
UPLINK_WORLD_INTERACT_="600kbit"
UPLINK_WORLD_OTHER="200kbit"
UPLINK_WORLD_OTHER_="600kbit"
UPLINK_WORLD_P2P="100kbit"
UPLINK_WORLD_P2P_="100kbit"
SIP_PORTS="5060 5061"
INTERACT_PORTS="20 21 22 25 53 80 110 143 443 995"
UPLINK_IP="
192.168.0.2,64kbit
192.168.0.3,64kbit
192.168.0.4,64kbit
192.168.0.5,128kbit
192.168.0.6,64kbit
192.168.0.7,64kbit
192.168.0.8,64kbit
192.168.0.9,64kbit
192.168.0.10,32kbit
192.168.0.11,64kbit
192.168.0.12,64kbit
192.168.0.13,64kbit
192.168.0.14,64kbit
192.168.0.15,64kbit
192.168.0.16,64kbit
192.168.0.17,64kbit
192.168.0.18,64kbit
192.168.0.19,128kbit
192.168.0.20,64kbit
192.168.0.21,64kbit
192.168.0.22,64kbit
192.168.0.23,64kbit
192.168.0.24,64kbit
192.168.0.25,64kbit
192.168.0.26,64kbit
192.168.0.27,96kbit
192.168.0.28,96kbit
192.168.0.29,64kbit
192.168.0.30,32kbit
192.168.0.31,32kbit
192.168.0.32,32kbit
192.168.0.33,64kbit
192.168.0.34,64kbit
192.168.0.35,64kbit
192.168.0.36,64kbit
192.168.0.37,64kbit
192.168.0.38,128kbit
192.168.0.39,64kbit
192.168.0.40,64kbit
192.168.0.219,64kbit"
# --------------------------------------------------
DOWNLINK_LAN="99000kbit"
DOWNLINK_WORLD="8000kbit"
DOWNLINK_IP="
192.168.0.2,64kbit,512kbit,256kbit,1
192.168.0.3,64kbit,512kbit,256kbit,1
192.168.0.4,64kbit,512kbit,256kbit,1
192.168.0.5,64kbit,1024kbit,256kbit,1
192.168.0.6,64kbit,512kbit,256kbit,1
192.168.0.7,64kbit,512kbit,256kbit,1
192.168.0.8,64kbit,512kbit,256kbit,1
192.168.0.9,64kbit,512kbit,256kbit,1
192.168.0.10,64kbit,512kbit,256kbit,1
192.168.0.11,64kbit,512kbit,256kbit,1
192.168.0.12,64kbit,256kbit,256kbit,1
192.168.0.13,64kbit,512kbit,256kbit,1
192.168.0.14,64kbit,512kbit,256kbit,1
192.168.0.15,64kbit,512kbit,256kbit,1
192.168.0.16,64kbit,512kbit,256kbit,1
192.168.0.17,64kbit,512kbit,256kbit,1
192.168.0.18,64kbit,512kbit,256kbit,1
192.168.0.19,64kbit,1024kbit,512kbit,1
192.168.0.20,64kbit,512kbit,256kbit,1
192.168.0.21,64kbit,512kbit,256kbit,1
192.168.0.22,64kbit,512kbit,256kbit,1
192.168.0.23,64kbit,512kbit,256kbit,1
192.168.0.24,64kbit,512kbit,256kbit,1
192.168.0.25,64kbit,1024kbit,512kbit,1
192.168.0.26,64kbit,512kbit,256kbit,1
192.168.0.27,64kbit,512kbit,256kbit,1
192.168.0.28,64kbit,768kbit,256kbit,1
192.168.0.29,64kbit,512kbit,256kbit,1
192.168.0.30,64kbit,512kbit,256kbit,1
192.168.0.31,64kbit,512kbit,256kbit,1
192.168.0.32,64kbit,512kbit,256kbit,1
192.168.0.33,64kbit,512kbit,256kbit,1
192.168.0.34,64kbit,512kbit,256kbit,1
192.168.0.35,64kbit,512kbit,256kbit,1
192.168.0.36,64kbit,512kbit,256kbit,1
192.168.0.37,64kbit,512kbit,256kbit,1
192.168.0.38,64kbit,1024kbit,512kbit,1
192.168.0.39,64kbit,512kbit,256kbit,1
192.168.0.40,64kbit,512kbit,256kbit,1
192.168.0.219,64kbit,64kbit,256kbit,1"
# --------------------------------------------------
echo "tc qdisc del dev $IF_WORLD root 2> /dev/null" >> /root/shape
echo "tc qdisc del dev $IF_WORLD ingress 2> /dev/null" >> /root/shape
echo "tc qdisc del dev $IF_LAN root 2> /dev/null" >> /root/shape
echo "tc qdisc del dev $IF_LAN ingress 2> /dev/null" >> /root/shape
# --------------------------------------------------
DEV=$IF_WORLD
echo
echo "Output dev" $DEV
echo "tc qdisc add dev $DEV root handle 1:0 htb default 30" >> /root/shape
echo "tc class add dev $DEV parent 1:0 classid 1:1 htb rate ${UPLINK_WORLD}" >> /root/shape
echo "tc class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK_WORLD_SIP} ceil ${UPLINK_WORLD_SIP_} prio 1" >> /root/sh
ape
echo "tc class add dev $DEV parent 1:1 classid 1:20 htb rate ${UPLINK_WORLD_INTERACT} ceil ${UPLINK_WORLD_INTERACT_} prio 2" >
> /root/shape
echo "tc class add dev $DEV parent 1:1 classid 1:30 htb rate ${UPLINK_WORLD_OTHER} ceil ${UPLINK_WORLD_OTHER_} prio 3" >> /roo
t/shape
echo "tc class add dev $DEV parent 1:1 classid 1:40 htb rate ${UPLINK_WORLD_P2P} ceil ${UPLINK_WORLD_P2P_} prio 5" >> /root/sh
ape
echo "tc qdisc add dev $DEV parent 1:10 handle 10:0 esfq perturb 10" >> /root/shape
echo "tc qdisc add dev $DEV parent 1:20 handle 20:0 esfq perturb 10" >> /root/shape
echo "tc qdisc add dev $DEV parent 1:30 handle 30:0 esfq perturb 10" >> /root/shape
echo "tc qdisc add dev $DEV parent 1:40 handle 40:0 esfq perturb 10" >> /root/shape
for port in $SIP_PORTS
do
echo "tc filter add dev $DEV parent 1:0 protocol ip prio 1 u32 match ip sport ${port} 0xffff flowid 1:10" >> /root/shape
echo "tc filter add dev $DEV parent 1:0 protocol ip prio 1 u32 match ip dport ${port} 0xffff flowid 1:10" >> /root/shape
done
echo "tc filter add dev $DEV parent 1:0 protocol ip prio 1 u32 match ip tos 0x68 0xff flowid 1:10" >> /root/shape
echo "tc filter add dev $DEV parent 1:0 protocol ip prio 1 u32 match ip tos 0xb8 0xff flowid 1:10" >> /root/shape
for port in $INTERACT_PORTS
do
echo "tc filter add dev $DEV parent 1:0 protocol ip prio 1 u32 match ip sport ${port} 0xffff flowid 1:20" >> /root/shape
echo "tc filter add dev $DEV parent 1:0 protocol ip prio 1 u32 match ip dport ${port} 0xffff flowid 1:20" >> /root/shape
done
echo "tc filter add dev $DEV parent 1:0 protocol ip prio 2 u32 match ip tos 0x10 0xff flowid 1:20" >> /root/shape
echo "tc filter add dev $DEV parent 1:0 protocol ip prio 2 u32 match ip protocol 1 0xff flowid 1:20" >> /root/shape
echo "tc filter add dev $DEV parent 1:0 protocol ip prio 5 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x00
00 0xffc0 at 2 match u8 0x10 0xff at 33 flowid 1:20" >> /root/shape
echo "iptables -t mangle -A PREROUTING -m ipp2p --edk --kazaa --gnu --dc --bit --apple --winmx --soul --ares -j MARK --set-mar
k 0x100" >> /root/shape
echo "iptables -t mangle -A PREROUTING -m mark --mark 0x100 -j CONNMARK --save-mark" >> /root/shape
echo "iptables -t mangle -A POSTROUTING -o eth0 -m mark --mark 0x100 -j CLASSIFY --set-class 1:40" >> /root/shape
# --------------------------------------------------
echo
echo "Input dev" $DEV
echo "tc qdisc add dev $DEV handle ffff:0 ingress" >> /root/shape
k=1
for port in $PORT_SPEED
do
p=1;
parametry=`echo $port | sed "y/,/ /"`
for param in $parametry
do
params[$p]=$param;
((p++))
done
echo "tc filter add dev $DEV parent ffff:0 protocol ip prio 1 u32 match ip sport ${params[1]} 0xffff police rate ${params[2]}
burst 10k drop flowid 0:${k}" >> /root/shape
((k++))
done
echo "tc filter add dev $DEV parent ffff:0 protocol ip prio 1 u32 match ip src 0.0.0.0 police rate ${DOWNLINK_WORLD} burst 10k
drop flowid 0:${k}" >> /root/shape
# --------------------------------------------------
DEV=$IF_LAN
echo
echo "Output dev" $DEV
echo "tc qdisc add dev $DEV root handle 2:0 htb default 2" >> /root/shape
echo "tc class add dev $DEV parent 2:0 classid 2:1 htb rate ${DOWNLINK_LAN} prio 2" >> /root/shape
echo "tc class add dev $DEV parent 2:0 classid 2:2 htb rate ${DOWNLINK_WORLD} prio 1" >> /root/shape
echo "tc qdisc add dev $DEV parent 2:1 handle 3:0 esfq perturb 10" >> /root/shape
echo "tc filter add dev $DEV parent 2:0 protocol ip prio 1 u32 match ip src ${LAN_IP} flowid 2:1" >> /root/shape
echo "tc filter add dev $DEV parent 2:0 protocol ip prio 2 u32 match ip tos 0x10 0xff flowid 2:1" >> /root/shape
echo "tc filter add dev $DEV parent 2:0 protocol ip prio 2 u32 match ip protocol 1 0xff flowid 2:1" >> /root/shape
echo "tc filter add dev $DEV parent 2:0 protocol ip prio 5 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x00
00 0xffc0 at 2 match u8 0x10 0xff at 33 flowid 2:1" >> /root/shape
k=2
for ip in $DOWNLINK_IP
do
p=1;
parametry=`echo $ip | sed "y/,/ /"`
for param in $parametry
do
params[$p]=$param;
((p++))
done
echo "tc class add dev $DEV parent 2:2 classid 2:${k}0 htb rate ${params[2]} burst 10k prio ${params[5]} ceil ${params[3]}" >>
/root/shape
echo "tc qdisc add dev $DEV parent 2:${k}0 handle ${k}0:0 esfq perturb 10" >> /root/shape
echo "tc filter add dev $DEV parent 2:0 protocol ip prio 1 u32 match ip dst ${params[1]} flowid 2:${k}0" >> /root/shape
echo "tc class add dev $DEV parent 2:${k}0 classid 2:${k}1 htb rate ${params[2]} burst 5k prio 1 ceil ${params[3]}" >> /root/s
hape
echo "tc class add dev $DEV parent 2:${k}0 classid 2:${k}2 htb rate ${params[2]} prio 5 ceil ${params[4]}" >> /root/shape
echo "tc qdisc add dev $DEV parent 2:${k}1 handle ${k}1:0 esfq perturb 10" >> /root/shape
echo "tc qdisc add dev $DEV parent 2:${k}2 handle ${k}2:0 esfq perturb 10" >> /root/shape
echo "tc filter add dev eth1 parent 2:${k}0 protocol ip prio 1 u32 match ip dst ${params[1]} flowid 2:${k}1" >> /root/shape
echo "iptables -t mangle -A PREROUTING -s ${params[1]} -m ipp2p --edk --kazaa --gnu --dc --bit --apple --winmx --soul --ares -
j MARK --set-mark 0x10${k}" >> /root/shape
echo "iptables -t mangle -A PREROUTING -m mark --mark 0x10${k} -j CONNMARK --save-mark" >> /root/shape
echo "iptables -t mangle -A POSTROUTING -o $DEV -m mark --mark 0x10${k} -j CLASSIFY --set-class 2:${k}2" >> /root/shape
((k++))
done
# --------------------------------------------------
echo
echo "Input dev" $DEV
echo "tc qdisc add dev $DEV handle ffff:0 ingress" >> /root/shape
echo "tc filter add dev $DEV parent ffff:0 protocol ip prio 1 u32 match ip dst ${LAN_IP} police rate ${UPLINK_LAN} burst 10k d
rop flowid 0:1" >> /root/shape
echo "tc filter add dev $DEV parent ffff:0 protocol ip prio 1 u32 match ip protocol 1 0xff police rate ${UPLINK_LAN} burst 10k
drop flowid 0:1" >> /root/shape
k=2
for ip in $UPLINK_IP
do
p=1;
parametry=`echo $ip | sed "y/,/ /"`
for param in $parametry
do
params[$p]=$param;
((p++))
done
echo "tc filter add dev $DEV parent ffff:0 protocol ip prio 1 u32 match ip src ${params[1]} police rate ${params[2]} burst 10k
drop flowid 0:${k}" >> /root/shape
((k++))
done
# --------------------------------------------------
Pozdrawiam
Offline