Nie jesteś zalogowany.
Jeśli nie posiadasz konta, zarejestruj je już teraz! Pozwoli Ci ono w pełni korzystać z naszego serwisu. Spamerom dziękujemy!
Ogłoszenie
Prosimy o pomoc dla małej Julki — przekaż 1% podatku na Fundacji Dzieciom zdazyć z Pomocą.
Więcej informacji na dug.net.pl/pomagamy/.
#1 2007-12-01 16:05:52
yakubek - 
Użytkownik
HTB brak markowania i kontroli nad uploadem
serwer/router stoi na Debianie 4.0, lacze mam od Tepsy Neo1024, ruch na laczu pilnuje HTB do serwerka podpietych jest kilka komputerow.
HTB bez problemu ogranicza Download, jednak Upoaldu nie moge kontrolowac, prawdopodobnie nie markuje mi polaczen, a co za tym idzie nie nie ma kontroli.
Kod:
tc -s -d qdisc show dev ppp0 qdisc htb 1: r2q 10 default 0 direct_packets_stat 3786 ver 3.17 Sent 516826 bytes 3786 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 2: parent 1:2 limit 128p quantum 1492b flows 128/1024 perturb 10sec Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 3: parent 1:3 limit 128p quantum 1492b flows 128/1024 perturb 10sec Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 4: parent 1:4 limit 128p quantum 1492b flows 128/1024 perturb 10sec Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 5: parent 1:5 limit 128p quantum 1492b flows 128/1024 perturb 10sec Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 6: parent 1:6 limit 128p quantum 1492b flows 128/1024 perturb 10sec Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 7: parent 1:7 limit 128p quantum 1492b flows 128/1024 perturb 10sec Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 8: parent 1:8 limit 128p quantum 1492b flows 128/1024 perturb 10sec Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 9: parent 1:9 limit 128p quantum 1492b flows 128/1024 perturb 10sec Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0 qdisc sfq 10: parent 1:10 limit 128p quantum 1492b flows 128/1024 perturb 10sec Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) rate 0bit 0pps backlog 0b 0p requeues 0
A to moj plik htb
Kod:
#!/bin/sh
# shaper.sh -- prosty i łatwy skrypt do zarz±dzania pasmem
if [ "$1" == "stop" ]
then
echo "Zatrzymujemy shapera"
tc qdisc del root dev eth1 2>/dev/null
tc qdisc del root dev ppp0 2>/dev/null
iptables -t mangle -D POSTROUTING -o ppp0 -j MYSHAPER-OUT 2>/dev/null
iptables -t mangle -F MYSHAPER-OUT 2>/dev/null
iptables -t mangle -X MYSHAPER-OUT 2>/dev/null
exit
fi
if [ "$1" == "start" ]
then
# To co było wcze¶niej -- do pieca! :)
echo "Uruchamiamy shapera"
tc qdisc del root dev eth1 2>/dev/null
tc qdisc del root dev ppp0 2>/dev/null
iptables -t mangle -D POSTROUTING -o ppp0 -j MYSHAPER-OUT 2>/dev/null
iptables -t mangle -F MYSHAPER-OUT 2>/dev/null
iptables -t mangle -X MYSHAPER-OUT 2>/dev/null
########## DOWNLOAD
tc qdisc add dev eth1 root handle 1:0 htb
######### DOWNLOAD
######### Teraz przydział pasma na kolejkę
tc class add dev eth1 parent 1:0 classid 1:1 htb rate 99000kbit ceil 99000kbit
tc class add dev eth1 parent 1:1 classid 1:2 htb rate 1000kbit ceil 1000kbit
tc class add dev eth1 parent 1:1 classid 1:3 htb rate 98000kbit ceil 98000kbit
tc class add dev eth1 parent 1:2 classid 1:4 htb rate 256kbit ceil 1000kbit #Yakub
tc class add dev eth1 parent 1:2 classid 1:5 htb rate 256kbit ceil 300kbit #Michal
tc class add dev eth1 parent 1:2 classid 1:6 htb rate 256kbit ceil 300kbit #Marek
tc class add dev eth1 parent 1:2 classid 1:7 htb rate 256kbit ceil 300kbit #Mazur
tc class add dev eth1 parent 1:2 classid 1:8 htb rate 256kbit ceil 300kbit #Wojtek
tc class add dev eth1 parent 1:2 classid 1:9 htb rate 256kbit ceil 1000kbit #Ewelina
tc class add dev eth1 parent 1:2 classid 1:10 htb rate 256kbit ceil 300kbit #Przemek
tc class add dev eth1 parent 1:2 classid 1:11 htb rate 256kbit ceil 300kbit #Etch
tc filter add dev eth1 protocol ip preference 1 parent 1:0 u32 match ip src 192.168.2.1 flowid 1:3
tc filter add dev eth1 protocol ip preference 1 parent 1:0 u32 match ip dst 192.168.2.2 flowid 1:4
tc filter add dev eth1 protocol ip preference 1 parent 1:0 u32 match ip dst 192.168.2.3 flowid 1:5
tc filter add dev eth1 protocol ip preference 1 parent 1:0 u32 match ip dst 192.168.2.4 flowid 1:6
tc filter add dev eth1 protocol ip preference 1 parent 1:0 u32 match ip dst 192.168.2.5 flowid 1:7
tc filter add dev eth1 protocol ip preference 1 parent 1:0 u32 match ip dst 192.168.2.6 flowid 1:8
tc filter add dev eth1 protocol ip preference 1 parent 1:0 u32 match ip dst 192.168.2.7 flowid 1:9
tc filter add dev eth1 protocol ip preference 1 parent 1:0 u32 match ip dst 192.168.2.8 flowid 1:10
tc filter add dev eth1 protocol ip preference 1 parent 1:0 u32 match ip dst 192.168.2.9 flowid 1:11
tc qdisc add dev eth1 parent 1:3 handle 3:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:4 handle 4:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:5 handle 5:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:6 handle 6:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:7 handle 7:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:8 handle 8:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:9 handle 9:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:10 handle 10:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:11 handle 11:0 sfq perturb 10
########## UPLOAD
tc qdisc add dev ppp0 root handle 1:0 htb
tc class add dev ppp0 parent 1:0 classid 1:1 htb rate 260kbit ceil 260kbit quantum 16
tc class add dev ppp0 parent 1:1 classid 1:2 htb rate 24kbit ceil 240kbit quantum 4 #bramka
tc class add dev ppp0 parent 1:1 classid 1:3 htb rate 24kbit ceil 100kbit quantum 4 #Yakub
tc class add dev ppp0 parent 1:1 classid 1:4 htb rate 24kbit ceil 30kbit quantum 4 #Michal
tc class add dev ppp0 parent 1:1 classid 1:5 htb rate 24kbit ceil 30kbit quantum 4 #Marek
tc class add dev ppp0 parent 1:1 classid 1:6 htb rate 24kbit ceil 30kbit quantum 4 #Mazur
tc class add dev ppp0 parent 1:1 classid 1:7 htb rate 24kbit ceil 30kbit quantum 4 #Wojtek
tc class add dev ppp0 parent 1:1 classid 1:8 htb rate 24kbit ceil 30kbit quantum 4 #Ewelina
tc class add dev ppp0 parent 1:1 classid 1:9 htb rate 24kbit ceil 30kbit quantum 4 #Przemek
tc class add dev ppp0 parent 1:1 classid 1:10 htb rate 24kbit ceil 30kbit quantum 4 #Etch
#######################
tc qdisc add dev ppp0 parent 1:2 handle 2:0 sfq perturb 10
tc qdisc add dev ppp0 parent 1:3 handle 3:0 sfq perturb 10
tc qdisc add dev ppp0 parent 1:4 handle 4:0 sfq perturb 10
tc qdisc add dev ppp0 parent 1:5 handle 5:0 sfq perturb 10
tc qdisc add dev ppp0 parent 1:6 handle 6:0 sfq perturb 10
tc qdisc add dev ppp0 parent 1:7 handle 7:0 sfq perturb 10
tc qdisc add dev ppp0 parent 1:8 handle 8:0 sfq perturb 10
tc qdisc add dev ppp0 parent 1:9 handle 9:0 sfq perturb 10
tc qdisc add dev ppp0 parent 1:10 handle 10:0 sfq perturb 10
#########################
tc filter add dev ppp0 protocol ip preference 1 parent 1:0 handle 20 fw flowid 1:2
tc filter add dev ppp0 protocol ip preference 1 parent 1:0 handle 21 fw flowid 1:3
tc filter add dev ppp0 protocol ip preference 1 parent 1:0 handle 22 fw flowid 1:4
tc filter add dev ppp0 protocol ip preference 1 parent 1:0 handle 23 fw flowid 1:5
tc filter add dev ppp0 protocol ip preference 1 parent 1:0 handle 24 fw flowid 1:6
tc filter add dev ppp0 protocol ip preference 1 parent 1:0 handle 25 fw flowid 1:7
tc filter add dev ppp0 protocol ip preference 1 parent 1:0 handle 26 fw flowid 1:8
tc filter add dev ppp0 protocol ip preference 1 parent 1:0 handle 27 fw flowid 1:9
tc filter add dev ppp0 protocol ip preference 1 parent 1:0 handle 28 fw flowid 1:10
############################
iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -I POSTROUTING -o ppp0 -j MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.2 -j MARK --set-mark 21 # zmieniam dla testow tcp na all
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.3 -j MARK --set-mark 22
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.4 -j MARK --set-mark 23
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.5 -j MARK --set-mark 24
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.6 -j MARK --set-mark 25
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.7 -j MARK --set-mark 26
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.8 -j MARK --set-mark 27
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.9 -j MARK --set-mark 28
iptables -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 20
exit
fi
if [ "$1" == "status" ]
then
echo "eth1: "
tc -s qdisc show dev eth1
echo "ppp0: "
tc -s qdisc show dev ppp0
exit
fi
echo "$0 start|stop|status"
## KONIECJak mozna inaczej zrobic markowanie polaczen uzytkownikow?
Offline
#2 2007-12-01 16:31:28
szewczyk - Stary wyjadacz :P
- szewczyk
- Stary wyjadacz :P
- Zarejestrowany: 2006-12-03
Re: HTB brak markowania i kontroli nad uploadem
to :
Kod:
iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -I POSTROUTING -o ppp0 -j MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.2 -j MARK --set-mark 21 # zmieniam dla testow tcp na all
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.3 -j MARK --set-mark 22
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.4 -j MARK --set-mark 23
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.5 -j MARK --set-mark 24
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.6 -j MARK --set-mark 25
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.7 -j MARK --set-mark 26
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.8 -j MARK --set-mark 27
iptables -t mangle -A MYSHAPER-OUT -p tcp -s 192.168.2.9 -j MARK --set-mark 28
iptables -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 20zmieniasz na :
Kod:
iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -I POSTROUTING -o ppp0 -j MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -s 192.168.2.2 -j MARK --set-mark 21
iptables -t mangle -A MYSHAPER-OUT -s 192.168.2.3 -j MARK --set-mark 22
iptables -t mangle -A MYSHAPER-OUT -s 192.168.2.4 -j MARK --set-mark 23
iptables -t mangle -A MYSHAPER-OUT -s 192.168.2.5 -j MARK --set-mark 24
.....................................Offline