witam mam problem z htb i samba, mianowicie sa ograniczenia dl i ul dla userow na sztywno po 100 kb,i u niektorych userow przy sciaganiu/wysylaniu plikow z samby maja ograniczony transfer do 100kb, nic nie ruszalem z klasami i nie wiem co zrobic z tym moze ktos mi pomoc.
moj plik rc.htb
Cytuj:
#!/bin/bash
# rc.htb 0.1a.upl/down Zciech
#
# 19.07.04
# wpisy hostow umiescic w pliku /etc/htb_config:
# Adres_IP max_download max_upload
# 192.168.1.2 128 64 #Jacek
# 192.168.1.2 256 128 #Agatka
# po ostatnim adresie enter, nie umieszczac pustych lini
# dopuszczalne komentarze '#"
htb_config=/etc/htb_config
#htb_config=./htb_config
# wpisac wartosci dla waszej sieci
# moze kiedys zrobie konfigurator
WANINT=eth0 # iterfejs do internetu
LANINT=eth1 # interfejs do Lanu
WANDOWN=2100 # Download w kbit/s
WANUP=260 # Upload w kbit/s
LANSPD=1200000 # Predkoc Lanu w kbit/s
# Jesli tu dasz za duzo moze nic nie zostac dla userow
ICMPSPD=5 # Predkosc dla klasy ICMP kbit/s
SERVSPD=5 # Predkosc dla gosci kbit/s
PRIOPORT=22 # Port priorytetowy
SFQ="sfq perturb 10" #SFQ
STARTMRK=2 # Startowy MARK
h=/sbin/rchtb_tc
#h=echo
i=iptables
#i=echo
stop()
{
# $i -F -t mangle
# $i -X -t mangle
$h qdisc del root dev $WANINT 2> /dev/null
$h qdisc del root dev $LANINT 2> /dev/null
}
start()
{
stop # dla bezpieczeństwa
# obliczenia
WANDOWN=$[$WANDOWN*95/100]
WANUP=$[$WANUP*95/100]
LANSPD=$[$LANSPD*95/100]
LOCAL=$[$LANSPD-$WANDOWN]
ACKSPD=$[$WANDOWN/20]
CNT=0
for ii in `cat $htb_config| cut -d "#" -f1 |awk '{print $1}'`;do
CNT=$[$CNT+1]
done
if [ $CNT = 0 ]; then
CNT=1
fi
USERDOWN=$[$WANDOWN/$CNT]
if [ $USERDOWN = 0 ]; then
USERDOWN=1
fi
USERUP=$[$WANUP-$ACKSPD-$ICMPSPD-$SERVSPD]
USERUP=$[$USERUP/$CNT]
if [ $USERUP = 0 ]; then
USERUP=1
fi
# INTERFEJS LANINT (ruch przychodz±cy)
$h qdisc add dev $LANINT root handle 1:0 htb default 3 r2q 1
# Główna klasa dla LANINT
$h class add dev $LANINT parent 1:0 classid 1:1 htb rate ${LANSPD}kbit ceil ${LANSPD}kbit
# Podział na pasmo dla ł±cza internetowego i resztę
$h class add dev $LANINT parent 1:1 classid 1:2 htb rate ${WANDOWN}kbit ceil ${WANDOWN}kbit
$h class add dev $LANINT parent 1:1 classid 1:3 htb rate ${LOCAL}kbit ceil ${LOCAL}kbit prio 9
$h qdisc add dev $LANINT parent 1:3 $SFQ
# pasmo priorytetowe dla ICMP, TOS 0x10 (min. delay) oraz wybranego portu 22
$h class add dev $LANINT parent 1:2 classid 1:4 htb rate ${USERDOWN}kbit ceil ${WANDOWN}kbit prio 1 quantum 1500
$h qdisc add dev $LANINT parent 1:4 sfq perturb 10
$h filter add dev $LANINT protocol ip prio 2 parent 1:0 u32 match ip sport 22 0xffff flowid 1:4
$h filter add dev $LANINT protocol ip prio 1 parent 1:0 u32 match ip tos 0x10 0xff flowid 1:4
$h filter add dev $LANINT protocol ip prio 1 parent 1:0 u32 match ip protocol 1 0xff flowid 1:4
# transfer serwer->LAN
$h filter add dev $LANINT protocol ip prio 4 parent 1:0 handle 1 fw flowid 1:3
# INTERFEJS (ruch wychodz±cy)
$h qdisc add dev $WANINT root handle 2:0 htb default 11 r2q 1
# główna klasa
$h class add dev $WANINT parent 2:0 classid 2:1 htb rate ${WANUP}kbit ceil ${WANUP}kbit
# klasa priorytetowa ACK
$h class add dev $WANINT parent 2:1 classid 2:2 htb rate ${ACKSPD}kbit ceil ${WANUP}kbit prio 1 quantum 1500
$h qdisc add dev $WANINT parent 2:2 sfq perturb 10
$h filter add dev $WANINT parent 2:0 protocol ip prio 2 u32 match ip protocol 6 0xff \
match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 1 match u8 0x10 0xff at 33 flowid 2:2 # ACK
# klasa priorytetowa TOS 0x10 oraz ICMP i DNS
$h class add dev $WANINT parent 2:1 classid 2:3 htb rate ${ICMPSPD}kbit ceil ${WANUP}kbit prio 2 quantum 1500
$h qdisc add dev $WANINT parent 2:3 $SFQ
$h filter add dev $WANINT parent 2:0 protocol ip prio 1 u32 match ip tos 0x10 0xff flowid 2:3 # TOS
$h filter add dev $WANINT parent 2:0 protocol ip prio 2 u32 match ip dport 22 0xffff flowid 2:3 # port 22
$h filter add dev $WANINT parent 2:0 protocol ip prio 2 u32 match ip sport 22 0xffff flowid 2:3 # port 22
$h filter add dev $WANINT parent 2:0 protocol ip prio 1 u32 match ip dport 53 0xffff flowid 2:3 # port 53
$h filter add dev $WANINT parent 2:0 protocol ip prio 1 u32 match ip protocol 1 0xff flowid 2:3 # ICMP
# ruch dla gosci
$h class add dev $WANINT parent 2:1 classid 2:4 htb rate ${SERVSPD}kbit ceil ${WANUP}kbit prio 2 quantum 1500
$h qdisc add dev $WANINT parent 2:4 $SFQ
$h filter add dev $WANINT parent 2:0 protocol ip prio 3 handle 1 fw flowid 2:4
$i -t mangle -A OUTPUT -j MARK --set-mark 1
# Userzy
CNT=1
MARK=$STARTMRK
grep "^" $htb_config | grep -v "^#"| while read IP USERDOWN1 USERUP1 REM; do
if [ $USERDOWN -gt $USERDOWN1 ]; then
USERDOWN=$USERDOWN1
fi
if [ $USERUP -gt $USERUP1 ]; then
USERUP=$USERUP1
fi
if [ $USERUP1 -gt $WANUP ]; then
USERUP1=$WANUP
fi
if [ $USERDOWN1 -gt $WANDOWN ]; then
USERDOWN1=$WANDOWN
fi
$h class add dev $LANINT parent 1:2 classid 1:$[10+$CNT] htb rate ${USERDOWN}kbit ceil ${USERDOWN1}kbit prio 2 quantum 1500
$h qdisc add dev $LANINT parent 1:$[10+$CNT] $SFQ
$h filter add dev $LANINT protocol ip prio 5 parent 1:0 u32 match ip dst $IP flowid 1:$[10+$CNT]
$i -t mangle -A PREROUTING -s $IP -j MARK --set-mark $MARK
$h class add dev $WANINT parent 2:1 classid 2:$[10+$CNT] htb rate ${USERUP}kbit ceil ${USERUP1}kbit prio 2 quantum 1500
$h qdisc add dev $WANINT parent 2:$[10+$CNT] $SFQ
$h filter add dev $WANINT parent 2:0 protocol ip prio 5 handle $MARK fw flowid 2:$[10+$CNT]
MARK=$[$MARK+1]
CNT=$[$CNT+1]
done
# reszta
$h filter add dev $WANINT parent 2:0 protocol ip prio 9 u32 match ip dst 0/0 flowid 2:4
}
case "$1" in
'start')
echo -n "Uruchamianie kolejkowania..."
start
echo " wykonano."
;;
'stop')
echo -n "Zatrzymywanie kolejkowania..."
stop
echo " wykonano."
;;
'restart')
echo -n "Restartowanie kolejkowania: stop"
stop
echo -n " start"
start
echo " wykonano."
;;
'status')
echo "Klasy na interfejsie $LANINT"
echo "================================"
tc class show dev $LANINT | grep root
tc class show dev $LANINT | grep -v root | sort | nl
echo "Klasy na interfejsie $WANINT"
echo "==================================="
tc class show dev $WANINT | grep root
tc class show dev $WANINT | grep -v root | sort | nl
;;
*)
echo -e "\nUżycie: rc.htb start|stop|restart|status"
;;
esac
# rc.htb 0.1a.upl/down Zciech
#
# 19.07.04
# wpisy hostow umiescic w pliku /etc/htb_config:
# Adres_IP max_download max_upload
# 192.168.1.2 128 64 #Jacek
# 192.168.1.2 256 128 #Agatka
# po ostatnim adresie enter, nie umieszczac pustych lini
# dopuszczalne komentarze '#"
htb_config=/etc/htb_config
#htb_config=./htb_config
# wpisac wartosci dla waszej sieci
# moze kiedys zrobie konfigurator
WANINT=eth0 # iterfejs do internetu
LANINT=eth1 # interfejs do Lanu
WANDOWN=2100 # Download w kbit/s
WANUP=260 # Upload w kbit/s
LANSPD=1200000 # Predkoc Lanu w kbit/s
# Jesli tu dasz za duzo moze nic nie zostac dla userow
ICMPSPD=5 # Predkosc dla klasy ICMP kbit/s
SERVSPD=5 # Predkosc dla gosci kbit/s
PRIOPORT=22 # Port priorytetowy
SFQ="sfq perturb 10" #SFQ
STARTMRK=2 # Startowy MARK
h=/sbin/rchtb_tc
#h=echo
i=iptables
#i=echo
stop()
{
# $i -F -t mangle
# $i -X -t mangle
$h qdisc del root dev $WANINT 2> /dev/null
$h qdisc del root dev $LANINT 2> /dev/null
}
start()
{
stop # dla bezpieczeństwa
# obliczenia
WANDOWN=$[$WANDOWN*95/100]
WANUP=$[$WANUP*95/100]
LANSPD=$[$LANSPD*95/100]
LOCAL=$[$LANSPD-$WANDOWN]
ACKSPD=$[$WANDOWN/20]
CNT=0
for ii in `cat $htb_config| cut -d "#" -f1 |awk '{print $1}'`;do
CNT=$[$CNT+1]
done
if [ $CNT = 0 ]; then
CNT=1
fi
USERDOWN=$[$WANDOWN/$CNT]
if [ $USERDOWN = 0 ]; then
USERDOWN=1
fi
USERUP=$[$WANUP-$ACKSPD-$ICMPSPD-$SERVSPD]
USERUP=$[$USERUP/$CNT]
if [ $USERUP = 0 ]; then
USERUP=1
fi
# INTERFEJS LANINT (ruch przychodz±cy)
$h qdisc add dev $LANINT root handle 1:0 htb default 3 r2q 1
# Główna klasa dla LANINT
$h class add dev $LANINT parent 1:0 classid 1:1 htb rate ${LANSPD}kbit ceil ${LANSPD}kbit
# Podział na pasmo dla ł±cza internetowego i resztę
$h class add dev $LANINT parent 1:1 classid 1:2 htb rate ${WANDOWN}kbit ceil ${WANDOWN}kbit
$h class add dev $LANINT parent 1:1 classid 1:3 htb rate ${LOCAL}kbit ceil ${LOCAL}kbit prio 9
$h qdisc add dev $LANINT parent 1:3 $SFQ
# pasmo priorytetowe dla ICMP, TOS 0x10 (min. delay) oraz wybranego portu 22
$h class add dev $LANINT parent 1:2 classid 1:4 htb rate ${USERDOWN}kbit ceil ${WANDOWN}kbit prio 1 quantum 1500
$h qdisc add dev $LANINT parent 1:4 sfq perturb 10
$h filter add dev $LANINT protocol ip prio 2 parent 1:0 u32 match ip sport 22 0xffff flowid 1:4
$h filter add dev $LANINT protocol ip prio 1 parent 1:0 u32 match ip tos 0x10 0xff flowid 1:4
$h filter add dev $LANINT protocol ip prio 1 parent 1:0 u32 match ip protocol 1 0xff flowid 1:4
# transfer serwer->LAN
$h filter add dev $LANINT protocol ip prio 4 parent 1:0 handle 1 fw flowid 1:3
# INTERFEJS (ruch wychodz±cy)
$h qdisc add dev $WANINT root handle 2:0 htb default 11 r2q 1
# główna klasa
$h class add dev $WANINT parent 2:0 classid 2:1 htb rate ${WANUP}kbit ceil ${WANUP}kbit
# klasa priorytetowa ACK
$h class add dev $WANINT parent 2:1 classid 2:2 htb rate ${ACKSPD}kbit ceil ${WANUP}kbit prio 1 quantum 1500
$h qdisc add dev $WANINT parent 2:2 sfq perturb 10
$h filter add dev $WANINT parent 2:0 protocol ip prio 2 u32 match ip protocol 6 0xff \
match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 1 match u8 0x10 0xff at 33 flowid 2:2 # ACK
# klasa priorytetowa TOS 0x10 oraz ICMP i DNS
$h class add dev $WANINT parent 2:1 classid 2:3 htb rate ${ICMPSPD}kbit ceil ${WANUP}kbit prio 2 quantum 1500
$h qdisc add dev $WANINT parent 2:3 $SFQ
$h filter add dev $WANINT parent 2:0 protocol ip prio 1 u32 match ip tos 0x10 0xff flowid 2:3 # TOS
$h filter add dev $WANINT parent 2:0 protocol ip prio 2 u32 match ip dport 22 0xffff flowid 2:3 # port 22
$h filter add dev $WANINT parent 2:0 protocol ip prio 2 u32 match ip sport 22 0xffff flowid 2:3 # port 22
$h filter add dev $WANINT parent 2:0 protocol ip prio 1 u32 match ip dport 53 0xffff flowid 2:3 # port 53
$h filter add dev $WANINT parent 2:0 protocol ip prio 1 u32 match ip protocol 1 0xff flowid 2:3 # ICMP
# ruch dla gosci
$h class add dev $WANINT parent 2:1 classid 2:4 htb rate ${SERVSPD}kbit ceil ${WANUP}kbit prio 2 quantum 1500
$h qdisc add dev $WANINT parent 2:4 $SFQ
$h filter add dev $WANINT parent 2:0 protocol ip prio 3 handle 1 fw flowid 2:4
$i -t mangle -A OUTPUT -j MARK --set-mark 1
# Userzy
CNT=1
MARK=$STARTMRK
grep "^" $htb_config | grep -v "^#"| while read IP USERDOWN1 USERUP1 REM; do
if [ $USERDOWN -gt $USERDOWN1 ]; then
USERDOWN=$USERDOWN1
fi
if [ $USERUP -gt $USERUP1 ]; then
USERUP=$USERUP1
fi
if [ $USERUP1 -gt $WANUP ]; then
USERUP1=$WANUP
fi
if [ $USERDOWN1 -gt $WANDOWN ]; then
USERDOWN1=$WANDOWN
fi
$h class add dev $LANINT parent 1:2 classid 1:$[10+$CNT] htb rate ${USERDOWN}kbit ceil ${USERDOWN1}kbit prio 2 quantum 1500
$h qdisc add dev $LANINT parent 1:$[10+$CNT] $SFQ
$h filter add dev $LANINT protocol ip prio 5 parent 1:0 u32 match ip dst $IP flowid 1:$[10+$CNT]
$i -t mangle -A PREROUTING -s $IP -j MARK --set-mark $MARK
$h class add dev $WANINT parent 2:1 classid 2:$[10+$CNT] htb rate ${USERUP}kbit ceil ${USERUP1}kbit prio 2 quantum 1500
$h qdisc add dev $WANINT parent 2:$[10+$CNT] $SFQ
$h filter add dev $WANINT parent 2:0 protocol ip prio 5 handle $MARK fw flowid 2:$[10+$CNT]
MARK=$[$MARK+1]
CNT=$[$CNT+1]
done
# reszta
$h filter add dev $WANINT parent 2:0 protocol ip prio 9 u32 match ip dst 0/0 flowid 2:4
}
case "$1" in
'start')
echo -n "Uruchamianie kolejkowania..."
start
echo " wykonano."
;;
'stop')
echo -n "Zatrzymywanie kolejkowania..."
stop
echo " wykonano."
;;
'restart')
echo -n "Restartowanie kolejkowania: stop"
stop
echo -n " start"
start
echo " wykonano."
;;
'status')
echo "Klasy na interfejsie $LANINT"
echo "================================"
tc class show dev $LANINT | grep root
tc class show dev $LANINT | grep -v root | sort | nl
echo "Klasy na interfejsie $WANINT"
echo "==================================="
tc class show dev $WANINT | grep root
tc class show dev $WANINT | grep -v root | sort | nl
;;
*)
echo -e "\nUżycie: rc.htb start|stop|restart|status"
;;
esac
, tamten mial cos pokrecone z priorytetami filtrow.