contrib/qos/tc.sh
#add our two classes. one unlimited, another limited | #add our two classes. one unlimited, another limited | ||||
tc class add dev ${IF} parent 1:1 classid 1:10 htb rate ${LINKCEIL} ceil ${LINKCEIL} prio 0 | tc class add dev ${IF} parent 1:1 classid 1:10 htb rate ${LINKCEIL} ceil ${LINKCEIL} prio 0 | ||||
tc class add dev ${IF} parent 1:1 classid 1:11 htb rate ${LIMIT} ceil ${LIMIT} prio 1 | tc class add dev ${IF} parent 1:1 classid 1:11 htb rate ${LIMIT} ceil ${LIMIT} prio 1 | ||||
#add handles to our classes so packets marked with <x> go into the class with "... handle <x> fw ..." | #add handles to our classes so packets marked with <x> go into the class with "... handle <x> fw ..." | ||||
tc filter add dev ${IF} parent 1: protocol ip prio 1 handle 1 fw classid 1:10 | tc filter add dev ${IF} parent 1: protocol ip prio 1 handle 1 fw classid 1:10 | ||||
tc filter add dev ${IF} parent 1: protocol ip prio 2 handle 2 fw classid 1:11 | tc filter add dev ${IF} parent 1: protocol ip prio 2 handle 2 fw classid 1:11 | ||||
if [ ! -z "${LOCALNET_V6}" ] ; then | if [ -n "${LOCALNET_V6}" ] ; then | ||||
# v6 cannot have the same priority value as v4 | # v6 cannot have the same priority value as v4 | ||||
tc filter add dev ${IF} parent 1: protocol ipv6 prio 3 handle 1 fw classid 1:10 | tc filter add dev ${IF} parent 1: protocol ipv6 prio 3 handle 1 fw classid 1:10 | ||||
tc filter add dev ${IF} parent 1: protocol ipv6 prio 4 handle 2 fw classid 1:11 | tc filter add dev ${IF} parent 1: protocol ipv6 prio 4 handle 2 fw classid 1:11 | ||||
fi | fi | ||||
#delete any existing rules | #delete any existing rules | ||||
#disable for now | #disable for now | ||||
#ret=0 | #ret=0 | ||||
#while [ $ret -eq 0 ]; do | #while [ $ret -eq 0 ]; do | ||||
# iptables -t mangle -D OUTPUT 1 | # iptables -t mangle -D OUTPUT 1 | ||||
# ret=$? | # ret=$? | ||||
#done | #done | ||||
#limit outgoing traffic to and from port 8333. but not when dealing with a host on the local network | #limit outgoing traffic to and from port 8333. but not when dealing with a host on the local network | ||||
# (defined by $LOCALNET_V4 and $LOCALNET_V6) | # (defined by $LOCALNET_V4 and $LOCALNET_V6) | ||||
# --set-mark marks packages matching these criteria with the number "2" (v4) | # --set-mark marks packages matching these criteria with the number "2" (v4) | ||||
# --set-mark marks packages matching these criteria with the number "4" (v6) | # --set-mark marks packages matching these criteria with the number "4" (v6) | ||||
# these packets are filtered by the tc filter with "handle 2" | # these packets are filtered by the tc filter with "handle 2" | ||||
# this filter sends the packages into the 1:11 class, and this class is limited to ${LIMIT} | # this filter sends the packages into the 1:11 class, and this class is limited to ${LIMIT} | ||||
iptables -t mangle -A OUTPUT -p tcp -m tcp --dport 8333 ! -d ${LOCALNET_V4} -j MARK --set-mark 0x2 | iptables -t mangle -A OUTPUT -p tcp -m tcp --dport 8333 ! -d ${LOCALNET_V4} -j MARK --set-mark 0x2 | ||||
iptables -t mangle -A OUTPUT -p tcp -m tcp --sport 8333 ! -d ${LOCALNET_V4} -j MARK --set-mark 0x2 | iptables -t mangle -A OUTPUT -p tcp -m tcp --sport 8333 ! -d ${LOCALNET_V4} -j MARK --set-mark 0x2 | ||||
if [ ! -z "${LOCALNET_V6}" ] ; then | if [ -n "${LOCALNET_V6}" ] ; then | ||||
ip6tables -t mangle -A OUTPUT -p tcp -m tcp --dport 8333 ! -d ${LOCALNET_V6} -j MARK --set-mark 0x4 | ip6tables -t mangle -A OUTPUT -p tcp -m tcp --dport 8333 ! -d ${LOCALNET_V6} -j MARK --set-mark 0x4 | ||||
ip6tables -t mangle -A OUTPUT -p tcp -m tcp --sport 8333 ! -d ${LOCALNET_V6} -j MARK --set-mark 0x4 | ip6tables -t mangle -A OUTPUT -p tcp -m tcp --sport 8333 ! -d ${LOCALNET_V6} -j MARK --set-mark 0x4 | ||||
fi | fi |
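Review bot: The two `ip6tables` rules set mark `0x4`, but the only ipv6 `fw` filters defined above are `handle 1` and `handle 2`, and an `fw` filter given without a mask matches only when the packet mark equals its handle. As written, IPv6 traffic on port 8333 matches neither filter and falls through to whatever default class the htb qdisc declares; that line is in the part of the script above this section and is not visible here, so the `${LIMIT}` cap most likely never applies to v6. Either use `--set-mark 0x2` on both ip6tables rules or change the second ipv6 filter to `tc filter add dev ${IF} parent 1: protocol ipv6 prio 4 handle 4 fw classid 1:11`, and correct the comment that says the mark-4 packets are picked up by "handle 2". Separately, `${LOCALNET_V4}` is expanded unquoted and without the `-n` guard that `${LOCALNET_V6}` gets, so an empty value makes both `iptables` commands fail and leaves v4 traffic unshaped; a check such as `[ -n "${LOCALNET_V4}" ] || exit 1` before the rules would make that failure explicit.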