[LARTC] Control Trafic

Daniel Phlander daniel_phlander at yahoo.com
Wed Sep 28 03:14:01 CEST 2005 

Hi !

I have an error in this script as it is not working and I can't figure out what that is.

Anyone can help?

Thanks!

 

#!/bin/bash 

### unitati de masura pt debit 
# kbps - kilobytes per second 
# mbps - megabytes per second 
# kbit - kilbits per second 
# mbit - megabits per second 

EXT_IF="eth0" 
INT_IF="eth1" 

TC=/sbin/tc
IPTABLES=/sbin/iptables

# RATE DOWNLOAD 
RAD_INET_ALL="1736kbit"
RAD_INET_LOW="64kbit" 
RAD_INET_HIGH="256kbit"
 
RAD_METRO_ALL="90mbit" 
RAD_METRO_LOW="70mbit" 
RAD_METRO_HIGH="80mbit" 

# RATE UPLOAD 
RUP_INET_ALL="1536kbit" 
RUP_INET="128kbit" 
RUP_METRO_ALL="90mbit" 
RUP_METRO="70mbit" 

# RATA INTRANET 
RATE_INTRA="80mbit" 

DEST="85.120.48.128/25 192.171.172.0/24 10.10.10.0/24 217.156.110.86/32 193.226.18.0/24" 

if [ "$1" = "status" ] 
then 
 clear 
 echo "* [ discipline interfata $EXT_IF ]" 
 $TC qdisc show dev $EXT_IF 
 echo "* [ disciplinele interfata $INT_IF ]" 
 $TC qdisc show dev $INT_IF 
 echo "* [ clase interfata $EXT_IF ]" 
 $TC class show dev $EXT_IF 
 echo "* [ clase interfata $INT_IF ]" 
 $TC class show dev $INT_IF 
 echo "* [ filtre interfata $EXT_IF ]" 
 $TC filter show dev $EXT_IF 
 $TC filter show dev $EXT_IF parent 1:20 
 $TC filter show dev $EXT_IF parent 1:30 
 echo "* [ filtre interfata $INT_IF ]" 
 $TC filter show dev $INT_IF 
 $TC filter show dev $INT_IF parent 1:20 
 $TC filter show dev $INT_IF parent 1:30 

 echo 
 echo "* [ marcarea traficului ]" 
 $IPTABLES -n -t mangle -L POSTROUTING 
 exit 
fi 

$TC qdisc delete dev $EXT_IF root 2> /dev/null 
$TC qdisc delete dev $INT_IF root 2> /dev/null 
$TC qdisc delete dev $INT_IF ingress 2> /dev/null 

$IPTABLES -t mangle -F POSTROUTING 

if [ "$1" = "stop" ] 
then 
echo "[*] Managementul debitului este oprit." 
exit 
fi 

### //// 1] Clasele pentru traficul metropolitan/internet pt ambele interfeþe: 

$TC qdisc add dev $EXT_IF root handle 1: htb default 30
$TC class add dev $EXT_IF parent 1: classid 1:1 htb rate 100mbit
$TC class add dev $EXT_IF parent 1:1 classid 1:20 htb rate $RUP_METRO_ALL
$TC class add dev $EXT_IF parent 1:1 classid 1:30 htb rate $RUP_INET_ALL

$TC qdisc add dev $INT_IF root handle 1: htb default 30
$TC class add dev $INT_IF parent 1: classid 1:1 htb rate 100mbit
$TC class add dev $INT_IF parent 1:1 classid 1:20 htb rate $RAD_METRO_ALL
$TC class add dev $INT_IF parent 1:1 classid 1:30 htb rate $RAD_INET_ALL

### //// 2] Clasificarea explicita a traficului metropolitan

for i in $DEST; do

$TC filter add dev $EXT_IF parent 1: protocol ip u32 match ip dst $i flowid 1:20
$TC filter add dev $INT_IF parent 1: protocol ip u32 match ip src $i flowid 1:20

done


### /// 3] Clasele pentru fiecare client 
# 
# client adresa marcaj metro internet 
# ------------------------------------------------------------------ 
# client 1 85.120.48.0/25 1 :21 :31 
# client 2 192.168.2.0/24 2 :22 :32 
# client 3 192.168.3.0/24 3 :23 :33 
# client 4 192.168.4.0/24 4 :24 :34 

### Client 1 => #85.120.48.0/25

# clase 

$TC class add dev $EXT_IF parent 1:20 classid 1:21 htb rate $RUP_METRO 
$TC class add dev $EXT_IF parent 1:30 classid 1:31 htb rate $RUP_INET 
$TC class add dev $INT_IF parent 1:20 classid 1:21 htb rate $RAD_METRO_LOW ceil $RAD_METRO_HIGH 
$TC class add dev $INT_IF parent 1:30 classid 1:31 htb rate $RAD_INET_LOW ceil $RAD_INET_HIGH 


# marcare 

$IPTABLES -t mangle -A POSTROUTING -o $EXT_IF -s 85.120.48.0/25 -j MARK --set-mark 1 
$IPTABLES -t mangle -A POSTROUTING -o $INT_IF -d 85.120.48.0/25 -j MARK --set-mark 1 


# clasificare 

$TC filter add dev $EXT_IF parent 1:20 protocol ip handle 1 fw flowid 1:21 
$TC filter add dev $EXT_IF parent 1:30 protocol ip handle 1 fw flowid 1:31 
$TC filter add dev $INT_IF parent 1:20 protocol ip handle 1 fw flowid 1:21 
$TC filter add dev $INT_IF parent 1:30 protocol ip handle 1 fw flowid 1:31 


### //// 4] Limitare traficului intre retelele din intranet 

#$TC qdisc add dev $INT_IF ingress handle ffff: 
#$TC filter add dev $INT_IF parent ffff: protocol ip u32 match ip dst 85.120.48.0/24 police rate $RATE_INTRA burst 10k drop flowid :1 


echo "[*] Managementul debitului este activ."

 

		
---------------------------------
Yahoo! for Good
 Click here to donate to the Hurricane Katrina relief effort. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ds9a.nl/pipermail/lartc/attachments/20050927/7303ea36/attachment.html

More information about the LARTC mailing list