ip-up
#!/bin/bash
#/etc/ppp/ip-up
PPP_IPPARAM="$6"
PPP_REMOTE=$5 > /var/log/logowanie.log 2>&1
KLIENT=$2 > /var/log/logowanie.log 2>&1
INTERFEJS=$1 > /var/log/logowanie.log 2>&1
tc="/sbin/rchtb_tc"
NR_PPP=`echo $INTERFEJS | cut -c 4- `
NR_IP=`echo $PPP_REMOTE | cut -c 12- `
/usr/sbin/iptables -A FORWARD -s 0/0 -d $PPP_REMOTE -j ACCEPT
/usr/sbin/iptables -A FORWARD -s $PPP_REMOTE -j ACCEPT
/usr/sbin/iptables -t nat -A POSTROUTING -s $PPP_REMOTE -j MASQUERADE
/usr/sbin/iptables -t mangle -A POSTROUTING -o $INTERFEJS -j IMQ --todev 1
/usr/sbin/iptables -t mangle -A PREROUTING -i $INTERFEJS -j IMQ --todev 0
/usr/sbin/iptables -t mangle -A PREROUTING -s $PPP_REMOTE -j MARK --set-mark 1$NR_PPP
HTB=$(grep -vE '^[[:space:]]*(#|$)' /etc/ppp/htb_conf )
while [ "$HTB" ];do
IPLIMITED=$(echo $HTB | awk '{print $1}')
DOWNCEIL=$(echo $HTB | awk '{print $2}')
DOWNRATE=$(echo $HTB | awk '{print $3}')
UPCEIL=$(echo $HTB | awk '{print $4}')
UPRATE=$(echo $HTB | awk '{print $5}')
if [ $IPLIMITED = $PPP_REMOTE ];then
# dl
$tc class add dev imq1 parent 1:2 classid 1:20$NR_PPP htb rate $DOWNRATE ceil $DOWNCEIL prio 5 quantum 1500
$tc qdisc add dev imq1 parent 1:20$NR_PPP esfq perturb 10 hash dst
$tc filter add dev imq1 protocol ip prio 5 parent 1:0 u32 match ip dst $PPP_REMOTE flowid 1:20$NR_PPP
# ul
$tc class add dev imq0 parent 2:10 classid 2:10$NR_PPP htb rate $UPRATE ceil $UPCEIL prio 4 quantum 1500
$tc qdisc add dev imq0 parent 2:10$NR_PPP esfq perturb 10 hash dst
$tc filter add dev imq0 parent 2:0 protocol ip prio 5 handle 1$NR_PPP fw flowid 2:10$NR_PPP
fi
HTB=$(echo $HTB | sed "s%^$IPLIMITED $DOWNCEIL $DOWNRATE $UPCEIL $UPRATE%%")
done
#/etc/ppp/ip-up
PPP_IPPARAM="$6"
PPP_REMOTE=$5 > /var/log/logowanie.log 2>&1
KLIENT=$2 > /var/log/logowanie.log 2>&1
INTERFEJS=$1 > /var/log/logowanie.log 2>&1
tc="/sbin/rchtb_tc"
NR_PPP=`echo $INTERFEJS | cut -c 4- `
NR_IP=`echo $PPP_REMOTE | cut -c 12- `
/usr/sbin/iptables -A FORWARD -s 0/0 -d $PPP_REMOTE -j ACCEPT
/usr/sbin/iptables -A FORWARD -s $PPP_REMOTE -j ACCEPT
/usr/sbin/iptables -t nat -A POSTROUTING -s $PPP_REMOTE -j MASQUERADE
/usr/sbin/iptables -t mangle -A POSTROUTING -o $INTERFEJS -j IMQ --todev 1
/usr/sbin/iptables -t mangle -A PREROUTING -i $INTERFEJS -j IMQ --todev 0
/usr/sbin/iptables -t mangle -A PREROUTING -s $PPP_REMOTE -j MARK --set-mark 1$NR_PPP
HTB=$(grep -vE '^[[:space:]]*(#|$)' /etc/ppp/htb_conf )
while [ "$HTB" ];do
IPLIMITED=$(echo $HTB | awk '{print $1}')
DOWNCEIL=$(echo $HTB | awk '{print $2}')
DOWNRATE=$(echo $HTB | awk '{print $3}')
UPCEIL=$(echo $HTB | awk '{print $4}')
UPRATE=$(echo $HTB | awk '{print $5}')
if [ $IPLIMITED = $PPP_REMOTE ];then
# dl
$tc class add dev imq1 parent 1:2 classid 1:20$NR_PPP htb rate $DOWNRATE ceil $DOWNCEIL prio 5 quantum 1500
$tc qdisc add dev imq1 parent 1:20$NR_PPP esfq perturb 10 hash dst
$tc filter add dev imq1 protocol ip prio 5 parent 1:0 u32 match ip dst $PPP_REMOTE flowid 1:20$NR_PPP
# ul
$tc class add dev imq0 parent 2:10 classid 2:10$NR_PPP htb rate $UPRATE ceil $UPCEIL prio 4 quantum 1500
$tc qdisc add dev imq0 parent 2:10$NR_PPP esfq perturb 10 hash dst
$tc filter add dev imq0 parent 2:0 protocol ip prio 5 handle 1$NR_PPP fw flowid 2:10$NR_PPP
fi
HTB=$(echo $HTB | sed "s%^$IPLIMITED $DOWNCEIL $DOWNRATE $UPCEIL $UPRATE%%")
done
ip-down
#!/bin/bash
#/etc/ppp/ip-down
INTERFEJS=$1
KLIENT=$2
PPP_REMOTE=$5
NR_PPP=`echo $INTERFEJS | cut -c 4- `
NR_IP=`echo $PPP_REMOTE | cut -c 11- `
HTB=$(grep -vE '^[[:space:]]*(#|$)' /etc/ppp/htb_conf )
/usr/sbin/iptables -D FORWARD -s 0/0 -d $PPP_REMOTE -j ACCEPT
/usr/sbin/iptables -D FORWARD -s $PPP_REMOTE -j ACCEPT
/usr/sbin/iptables -t nat -D POSTROUTING -s $PPP_REMOTE -j MASQUERADE
/usr/sbin/iptables -t mangle -D POSTROUTING -o $INTERFEJS -j IMQ --todev 1
/usr/sbin/iptables -t mangle -D PREROUTING -i $INTERFEJS -j IMQ --todev 0
/usr/sbin/iptables -t mangle -D PREROUTING -s $PPP_REMOTE -j MARK --set-mark 1$NR_PPP
#Usuwanie podzialu
while [ "$HTB" ];do
IPLIMITED=$(echo $HTB | awk '{print $1}')
DOWNCEIL=$(echo $HTB | awk '{print $2}')
DOWNRATE=$(echo $HTB | awk '{print $3}')
UPCEIL=$(echo $HTB | awk '{print $4}')
UPRATE=$(echo $HTB | awk '{print $5}')
if [ $IPLIMITED = $PPP_REMOTE ];then
# dl
/sbin/rchtb_tc filter del dev imq1 protocol ip prio 5 parent 1:0 u32 match ip dst $PPP_REMOTE flowid 1:20$NR_PPP
/sbin/rchtb_tc qdisc del dev imq1 parent 1:20$NR_PPP esfq perturb 10 hash dst
/sbin/rchtb_tc class del dev imq1 parent 1:2 classid 1:20$NR_PPP htb rate $DOWNRATE ceil $DOWNCEIL prio 5 quantum 1500
# ul
/sbin/rchtb_tc filter del dev imq0 parent 2:0 protocol ip prio 5 handle 1$NR_PPP fw flowid 2:10$NR_PPP
/sbin/rchtb_tc qdisc del dev imq0 parent 2:10$NR_PPP esfq perturb 10 hash dst
/sbin/rchtb_tc class del dev imq0 parent 2:10 classid 2:10$NR_PPP htb rate $UPRATE ceil $UPCEIL prio 4 quantum 1500
fi
HTB=$(echo $HTB | sed "s%^$IPLIMITED $DOWNCEIL $DOWNRATE $UPCEIL $UPRATE%%")
done
#/etc/ppp/ip-down
INTERFEJS=$1
KLIENT=$2
PPP_REMOTE=$5
NR_PPP=`echo $INTERFEJS | cut -c 4- `
NR_IP=`echo $PPP_REMOTE | cut -c 11- `
HTB=$(grep -vE '^[[:space:]]*(#|$)' /etc/ppp/htb_conf )
/usr/sbin/iptables -D FORWARD -s 0/0 -d $PPP_REMOTE -j ACCEPT
/usr/sbin/iptables -D FORWARD -s $PPP_REMOTE -j ACCEPT
/usr/sbin/iptables -t nat -D POSTROUTING -s $PPP_REMOTE -j MASQUERADE
/usr/sbin/iptables -t mangle -D POSTROUTING -o $INTERFEJS -j IMQ --todev 1
/usr/sbin/iptables -t mangle -D PREROUTING -i $INTERFEJS -j IMQ --todev 0
/usr/sbin/iptables -t mangle -D PREROUTING -s $PPP_REMOTE -j MARK --set-mark 1$NR_PPP
#Usuwanie podzialu
while [ "$HTB" ];do
IPLIMITED=$(echo $HTB | awk '{print $1}')
DOWNCEIL=$(echo $HTB | awk '{print $2}')
DOWNRATE=$(echo $HTB | awk '{print $3}')
UPCEIL=$(echo $HTB | awk '{print $4}')
UPRATE=$(echo $HTB | awk '{print $5}')
if [ $IPLIMITED = $PPP_REMOTE ];then
# dl
/sbin/rchtb_tc filter del dev imq1 protocol ip prio 5 parent 1:0 u32 match ip dst $PPP_REMOTE flowid 1:20$NR_PPP
/sbin/rchtb_tc qdisc del dev imq1 parent 1:20$NR_PPP esfq perturb 10 hash dst
/sbin/rchtb_tc class del dev imq1 parent 1:2 classid 1:20$NR_PPP htb rate $DOWNRATE ceil $DOWNCEIL prio 5 quantum 1500
# ul
/sbin/rchtb_tc filter del dev imq0 parent 2:0 protocol ip prio 5 handle 1$NR_PPP fw flowid 2:10$NR_PPP
/sbin/rchtb_tc qdisc del dev imq0 parent 2:10$NR_PPP esfq perturb 10 hash dst
/sbin/rchtb_tc class del dev imq0 parent 2:10 classid 2:10$NR_PPP htb rate $UPRATE ceil $UPCEIL prio 4 quantum 1500
fi
HTB=$(echo $HTB | sed "s%^$IPLIMITED $DOWNCEIL $DOWNRATE $UPCEIL $UPRATE%%")
done
rc.htb
#!/bin/bash
# rc.htb 0.3.3-stable-0.2-NNND-Zciech-05.01.23, (C)PriSM 2oo3, GNU GPL
# <http://www.rc.htb.prv.pl/>
# wygenerowano: 2005-06-22 13:08:24
# 0.2 Poprawki Zciech
#przystosowanie do pppoe by Albercik
#/etc/rc.d/rc.htb
VER=0.3.3-stable-0.2-NNND-Zciech-05.01.23
TC=`which rchtb_tc`
echo "$TC"
stop()
{
$TC qdisc del root dev imq0 2> /dev/null
$TC qdisc del root dev imq1 2> /dev/null
$TC qdisc del root dev eth0 2> /dev/null
$TC qdisc del root dev eth1 2> /dev/null
}
start()
{
stop # dla bezpieczeństwa
/etc/rc.d/rc.imq stop
/etc/rc.d/rc.imq start
# INTERFEJS IMQ1 (ruch przychodzący)
$TC qdisc add dev imq1 root handle 1:0 htb default 3 r2q 1
# Główna klasa dla imq1
$TC class add dev imq1 parent 1:0 classid 1:1 htb rate 9000kbit ceil 9000kbit
# Podział na pasmo dla łącza internetowego i resztę
$TC class add dev imq1 parent 1:1 classid 1:2 htb rate 3910kbit ceil 3910kbit
$TC class add dev imq1 parent 1:1 classid 1:3 htb rate 7090kbit ceil 7090kbit prio 9
$TC qdisc add dev imq1 parent 1:3 esfq perturb 10 hash dst
# pasmo priorytetowe dla ICMP, TOS 0x10 (min. delay) oraz wybranego portu 22
$TC class add dev imq1 parent 1:2 classid 1:20 htb rate 11kbit ceil 1910kbit prio 1 quantum 1500
$TC qdisc add dev imq1 parent 1:20 esfq perturb 10 hash dst
$TC filter add dev imq1 protocol ip prio 3 parent 1:0 u32 match ip sport 22 0xffff flowid 1:20
$TC filter add dev imq1 protocol ip prio 2 parent 1:0 u32 match ip tos 0x10 0xff flowid 1:20
$TC filter add dev imq1 protocol ip prio 2 parent 1:0 u32 match ip protocol 1 0xff flowid 1:20
# transfer serwer->LAN
$TC filter add dev imq1 protocol ip prio 1 parent 1:0 handle 1 fw flowid 1:3
# INTERFEJS IMQ0 (ruch wychodzący)
$TC qdisc add dev imq0 root handle 2:0 htb default 11 r2q 1
# główna klasa
$TC class add dev imq0 parent 2:0 classid 2:1 htb rate 470kbit ceil 470kbit
# klasa priorytetowa ACK
$TC class add dev imq0 parent 2:1 classid 2:10 htb rate 470kbit ceil 480kbit prio 1 quantum 1500
$TC qdisc add dev imq0 parent 2:10 esfq perturb 10 hash dst
$TC filter add dev imq0 parent 2:0 protocol ip prio 2 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 1 match u8 0x10 0xff at 33 flowid 2:10 # ACK
# klasa priorytetowa TOS 0x10 oraz ICMP
$TC class add dev imq0 parent 2:1 classid 2:9 htb rate 1kbit ceil 350kbit prio 2 quantum 1500
$TC qdisc add dev imq0 parent 2:9 esfq perturb 10 hash dst
$TC filter add dev imq0 parent 2:0 protocol ip prio 1 u32 match ip tos 0x10 0xff flowid 2:9 # TOS 0x10
$TC filter add dev imq0 parent 2:0 protocol ip prio 2 u32 match ip dport 22 0xffff flowid 2:9 # port 22
$TC filter add dev imq0 parent 2:0 protocol ip prio 1 u32 match ip protocol 1 0xff flowid 2:9 # ICMP
# ruch serwerowy (pasmo dla gości z zewnątrz)
$TC class add dev imq0 parent 2:1 classid 2:11 htb rate 14kbit ceil 350kbit prio 2 quantum 1500
$TC qdisc add dev imq0 parent 2:11 esfq perturb 10 hash dst
$TC filter add dev imq0 parent 2:0 protocol ip prio 3 handle 1 fw flowid 2:11
$TC filter add dev imq0 parent 2:0 protocol ip prio 9 u32 match ip dst 0/0 flowid 2:11
/etc/rc.d/imq_link
}
echo "rc.htb 0.3.3-stable-0.2-NNND-Zciech-05.01.23, (C)PriSM 2oo3. Na licencji GNU GPL."
echo "Strona projektu: http://www.rc.htb.prv.pl/"
case "$1" in
'start')
echo -n "Uruchamianie kolejkowania..."
start
echo " wykonano."
;;
'stop')
echo -n "Zatrzymywanie kolejkowania..."
stop
echo " wykonano."
;;
'restart')
echo -n "Restartowanie kolejkowania: stop"
stop
echo -n " start"
start
echo " wykonano."
;;
'status')
echo "Klasy na interfejsie imq1"
echo "================================"
tc class show dev imq1 | grep root
tc class show dev imq1 | grep -v root | sort | nl
echo "Klasy na interfejsie imq0"
echo "==================================="
tc class show dev imq0 | grep root
tc class show dev imq0 | grep -v root | sort | nl
;;
*)
echo -e "\nUżycie: rc.htb start|stop|restart|status"
;;
esac
# rc.htb 0.3.3-stable-0.2-NNND-Zciech-05.01.23, (C)PriSM 2oo3, GNU GPL
# <http://www.rc.htb.prv.pl/>
# wygenerowano: 2005-06-22 13:08:24
# 0.2 Poprawki Zciech
#przystosowanie do pppoe by Albercik
#/etc/rc.d/rc.htb
VER=0.3.3-stable-0.2-NNND-Zciech-05.01.23
TC=`which rchtb_tc`
echo "$TC"
stop()
{
$TC qdisc del root dev imq0 2> /dev/null
$TC qdisc del root dev imq1 2> /dev/null
$TC qdisc del root dev eth0 2> /dev/null
$TC qdisc del root dev eth1 2> /dev/null
}
start()
{
stop # dla bezpieczeństwa
/etc/rc.d/rc.imq stop
/etc/rc.d/rc.imq start
# INTERFEJS IMQ1 (ruch przychodzący)
$TC qdisc add dev imq1 root handle 1:0 htb default 3 r2q 1
# Główna klasa dla imq1
$TC class add dev imq1 parent 1:0 classid 1:1 htb rate 9000kbit ceil 9000kbit
# Podział na pasmo dla łącza internetowego i resztę
$TC class add dev imq1 parent 1:1 classid 1:2 htb rate 3910kbit ceil 3910kbit
$TC class add dev imq1 parent 1:1 classid 1:3 htb rate 7090kbit ceil 7090kbit prio 9
$TC qdisc add dev imq1 parent 1:3 esfq perturb 10 hash dst
# pasmo priorytetowe dla ICMP, TOS 0x10 (min. delay) oraz wybranego portu 22
$TC class add dev imq1 parent 1:2 classid 1:20 htb rate 11kbit ceil 1910kbit prio 1 quantum 1500
$TC qdisc add dev imq1 parent 1:20 esfq perturb 10 hash dst
$TC filter add dev imq1 protocol ip prio 3 parent 1:0 u32 match ip sport 22 0xffff flowid 1:20
$TC filter add dev imq1 protocol ip prio 2 parent 1:0 u32 match ip tos 0x10 0xff flowid 1:20
$TC filter add dev imq1 protocol ip prio 2 parent 1:0 u32 match ip protocol 1 0xff flowid 1:20
# transfer serwer->LAN
$TC filter add dev imq1 protocol ip prio 1 parent 1:0 handle 1 fw flowid 1:3
# INTERFEJS IMQ0 (ruch wychodzący)
$TC qdisc add dev imq0 root handle 2:0 htb default 11 r2q 1
# główna klasa
$TC class add dev imq0 parent 2:0 classid 2:1 htb rate 470kbit ceil 470kbit
# klasa priorytetowa ACK
$TC class add dev imq0 parent 2:1 classid 2:10 htb rate 470kbit ceil 480kbit prio 1 quantum 1500
$TC qdisc add dev imq0 parent 2:10 esfq perturb 10 hash dst
$TC filter add dev imq0 parent 2:0 protocol ip prio 2 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 1 match u8 0x10 0xff at 33 flowid 2:10 # ACK
# klasa priorytetowa TOS 0x10 oraz ICMP
$TC class add dev imq0 parent 2:1 classid 2:9 htb rate 1kbit ceil 350kbit prio 2 quantum 1500
$TC qdisc add dev imq0 parent 2:9 esfq perturb 10 hash dst
$TC filter add dev imq0 parent 2:0 protocol ip prio 1 u32 match ip tos 0x10 0xff flowid 2:9 # TOS 0x10
$TC filter add dev imq0 parent 2:0 protocol ip prio 2 u32 match ip dport 22 0xffff flowid 2:9 # port 22
$TC filter add dev imq0 parent 2:0 protocol ip prio 1 u32 match ip protocol 1 0xff flowid 2:9 # ICMP
# ruch serwerowy (pasmo dla gości z zewnątrz)
$TC class add dev imq0 parent 2:1 classid 2:11 htb rate 14kbit ceil 350kbit prio 2 quantum 1500
$TC qdisc add dev imq0 parent 2:11 esfq perturb 10 hash dst
$TC filter add dev imq0 parent 2:0 protocol ip prio 3 handle 1 fw flowid 2:11
$TC filter add dev imq0 parent 2:0 protocol ip prio 9 u32 match ip dst 0/0 flowid 2:11
/etc/rc.d/imq_link
}
echo "rc.htb 0.3.3-stable-0.2-NNND-Zciech-05.01.23, (C)PriSM 2oo3. Na licencji GNU GPL."
echo "Strona projektu: http://www.rc.htb.prv.pl/"
case "$1" in
'start')
echo -n "Uruchamianie kolejkowania..."
start
echo " wykonano."
;;
'stop')
echo -n "Zatrzymywanie kolejkowania..."
stop
echo " wykonano."
;;
'restart')
echo -n "Restartowanie kolejkowania: stop"
stop
echo -n " start"
start
echo " wykonano."
;;
'status')
echo "Klasy na interfejsie imq1"
echo "================================"
tc class show dev imq1 | grep root
tc class show dev imq1 | grep -v root | sort | nl
echo "Klasy na interfejsie imq0"
echo "==================================="
tc class show dev imq0 | grep root
tc class show dev imq0 | grep -v root | sort | nl
;;
*)
echo -e "\nUżycie: rc.htb start|stop|restart|status"
;;
esac
htb_conf
#/etc/ppp/htb_conf
192.166.1.3 356kbit 80kbit 80kbit 32kbit
192.166.1.4 356kbit 80kbit 80kbit 32kbit
192.166.1.3 356kbit 80kbit 80kbit 32kbit
192.166.1.4 356kbit 80kbit 80kbit 32kbit
rc.imq
#!/bin/sh
# modyfikacja cudzych skryptów 23.03.2005 bhb
#" Podnoszenie interfejsów wirtulanych IMQ "
#/etc/rc.d/rc.imq
. /etc/rc.d/functions
#
case "$1" in
start)
stat_busy "Podnoszenie interfejsów wirtulanych IMQ"
#
/sbin/modprobe imq numdevs=2 &>/dev/null
/sbin/ifconfig imq0 up &>/dev/null
/sbin/ifconfig imq1 up &>/dev/null
#
stat_done
;;
stop)
#
stat_busy "Wirtualne interfejsy IMQ wyłączone"
/sbin/ifconfig imq0 down &>/dev/null
/sbin/ifconfig imq1 down &>/dev/null
/sbin/rmmod imq &>/dev/null
#
stat_done
;;
restart)
$0 stop
$0 start
;;
*)
echo ""
echo "Użycie: rc.imq [ start | stop | restart ]"
echo ""
exit
;;
esac
# modyfikacja cudzych skryptów 23.03.2005 bhb
#" Podnoszenie interfejsów wirtulanych IMQ "
#/etc/rc.d/rc.imq
. /etc/rc.d/functions
#
case "$1" in
start)
stat_busy "Podnoszenie interfejsów wirtulanych IMQ"
#
/sbin/modprobe imq numdevs=2 &>/dev/null
/sbin/ifconfig imq0 up &>/dev/null
/sbin/ifconfig imq1 up &>/dev/null
#
stat_done
;;
stop)
#
stat_busy "Wirtualne interfejsy IMQ wyłączone"
/sbin/ifconfig imq0 down &>/dev/null
/sbin/ifconfig imq1 down &>/dev/null
/sbin/rmmod imq &>/dev/null
#
stat_done
;;
restart)
$0 stop
$0 start
;;
*)
echo ""
echo "Użycie: rc.imq [ start | stop | restart ]"
echo ""
exit
;;
esac
imq_link
#!/bin/bash
#/etc/rc.d/imq_link
/usr/sbin/iptables -t mangle -A POSTROUTING -o ppp+ -j IMQ --todev 1
ip link set imq1 up
#/etc/rc.d/imq_link
/usr/sbin/iptables -t mangle -A POSTROUTING -o ppp+ -j IMQ --todev 1
ip link set imq1 up
Poprawione i dziala
:P