Get GNU / Linux
News Feed
Blogs
Event Photos
Screen Shots
Polls
Popular Content
Members
Search
Wall PapersSubmitted by Alaa on Sun, 06/03/2005 - 22:49.
I'm putting these here mainly for DarknessWolf, one day I suppose I'll explain them (or someone who knows more will).
the scripts are very much shorewall oriented
/etc/shorewall/params
############################################################################## NET_IF=eth0 #maximum bw for the interface MAX_BW=90mbit #shaped upstream BW TC_BW=200kbit #shaped downstream BW TC_DOWN_BW=400kbit #special BW for LAN traffic, I no longer use that #TC_BW_15=112kbit #bw classes TC_BW_20=112kbit TC_BW_25=56kbit TC_BW_30=16kbit TC_BW_35=16kbit #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
''/etc/shorewall/tcrules
#MARK SOURCE DEST PROTO PORT(S) CLIENT PORT(S) #default low port 30 $FW 0.0.0.0/0 tcp 0:1024,ircd 30 $FW 0.0.0.0/0 tcp - 0:1024,ircd #high priority 20 $FW 0.0.0.0/0 udp 20 $FW 0.0.0.0/0 icmp 20 $FW 0.0.0.0/0 tcp ssh 20 $FW 0.0.0.0/0 tcp - ssh 25 $FW 0.0.0.0/0 tcp http,https - 25 $FW 0.0.0.0/0 tcp - http,https #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
/etc/shorewall/tcstart
# flush rules on this interface #run_tc qdisc del dev $NET_IF root #echo " flush rules on $NET_IF" # add a main parent handle run_tc qdisc add dev $NET_IF root handle 10: htb default 35 run_tc class add dev $NET_IF parent 10: classid 10:1 htb rate $TC_BW ceil $TC_BW quantum 200 run_tc class add dev $NET_IF parent 10:1 classid 10:20 htb rate $TC_BW_20 ceil $TC_BW prio 2 quantum 200 run_tc qdisc add dev $NET_IF parent 10:20 sfq perturb 10 run_tc class add dev $NET_IF parent 10:1 classid 10:25 htb rate $TC_BW_25 ceil $TC_BW prio 4 quantum 200 run_tc qdisc add dev $NET_IF parent 10:25 sfq perturb 10 run_tc class add dev $NET_IF parent 10:1 classid 10:30 htb rate $TC_BW_30 ceil $TC_BW prio 6 quantum 200 run_tc qdisc add dev $NET_IF parent 10:30 sfq perturb 10 run_tc class add dev $NET_IF parent 10:1 classid 10:35 htb rate $TC_BW_35 ceil $TC_BW prio 7 quantum 200 run_tc qdisc add dev $NET_IF parent 10:35 sfq perturb 10 run_tc filter add dev $NET_IF parent 10:0 protocol ip handle 15 fw flowid 10:15 run_tc filter add dev $NET_IF parent 10:0 protocol ip handle 20 fw flowid 10:20 run_tc filter add dev $NET_IF parent 10:0 protocol ip handle 25 fw flowid 10:25 run_tc filter add dev $NET_IF parent 10:0 protocol ip handle 30 fw flowid 10:30 run_tc filter add dev $NET_IF parent 10:0 protocol ip handle 35 fw flowid 10:35 #tc qdisc add dev $NET_IF handle ffff: ingress tc filter add dev $NET_IF parent ffff: protocol ip prio 49 u32 match ip src \ 192.168.0.0/16 police rate $MAX_BW burst 100k drop flowid :1 tc filter add dev $NET_IF parent ffff: protocol ip prio 50 u32 match ip src \ 0.0.0.0/0 police rate $TC_DOWN_BW burst 10k drop flowid :2
