nsbin/ancient/qos-neu

INET=ppp0
MAXRATE=126kbit

# flush
iptables -t mangle -F
tc qdisc del dev $INET root

# group0
# acks      6kbit

# group1:
# dns
# ssh       40kbit

# group2:   60kbit
# apache
# smtp
# pop3


# group3:   20kbit
# identd
# ftp
# rsync
# icmp

# standards

# root class (root o all evil)
tc qdisc add dev $INET root handle 1:0 htb default 23

# hauptklasse...       mamapapa   ichselber    alg      minimal       maximal
tc class add dev $INET parent 1:0 classid 1:1  htb rate $MAXRATE ceil $MAXRATE

# acks
tc class add dev $INET parent 1:1 classid 1:10 htb rate 6kbit ceil $MAXRATE prio 1
tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10


# ssh / dns
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 22 -j MARK --set-mark 11
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 53 -j MARK --set-mark 11
iptables -t mangle -A POSTROUTING -o $INET -p udp --source-port 53 -j MARK --set-mark 11

# das ist nur die rule. wie es sein soll.
tc class add dev $INET parent 1:1 classid 1:11 htb rate 40kbit ceil $MAXRATE prio 2
# das ist der eintrag der in aktiv macht, auf das handle (==mark)
tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 11 fw flowid 1:11


# apache / smtp / pop
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 80 -j MARK --set-mark 12
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port pop3 -j MARK --set-mark 12
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port smtp -j MARK --set-mark 12
tc class add dev $INET parent 1:1 classid 1:12 htb rate 60kbit ceil $MAXRATE prio 2
tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 12 fw flowid 1:12


# ftp / rsync / auth / icmp
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 20:21 -j MARK --set-mark 13
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port rsync -j MARK --set-mark 13
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port auth -j MARK --set-mark 13
iptables -t mangle -A POSTROUTING -o $INET -p icmp -j MARK --set-mark 13
tc class add dev $INET parent 1:1 classid 1:13 htb rate 20kbit ceil $MAXRATE prio 2
tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 13 fw flowid 1:13
init Signed-off-by: Nico Schottelius <nico@manager.schottelius.org> 2017-07-19 17:15:41 +02:00			`INET=ppp0`
			`MAXRATE=126kbit`

			`# flush`
			`iptables -t mangle -F`
			`tc qdisc del dev $INET root`

			`# group0`
			`# acks 6kbit`

			`# group1:`
			`# dns`
			`# ssh 40kbit`

			`# group2: 60kbit`
			`# apache`
			`# smtp`
			`# pop3`


			`# group3: 20kbit`
			`# identd`
			`# ftp`
			`# rsync`
			`# icmp`

			`# standards`

			`# root class (root o all evil)`
			`tc qdisc add dev $INET root handle 1:0 htb default 23`

			`# hauptklasse... mamapapa ichselber alg minimal maximal`
			`tc class add dev $INET parent 1:0 classid 1:1 htb rate $MAXRATE ceil $MAXRATE`

			`# acks`
			`tc class add dev $INET parent 1:1 classid 1:10 htb rate 6kbit ceil $MAXRATE prio 1`
			`tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10`


			`# ssh / dns`
			`iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 22 -j MARK --set-mark 11`
			`iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 53 -j MARK --set-mark 11`
			`iptables -t mangle -A POSTROUTING -o $INET -p udp --source-port 53 -j MARK --set-mark 11`

			`# das ist nur die rule. wie es sein soll.`
			`tc class add dev $INET parent 1:1 classid 1:11 htb rate 40kbit ceil $MAXRATE prio 2`
			`# das ist der eintrag der in aktiv macht, auf das handle (==mark)`
			`tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 11 fw flowid 1:11`


			`# apache / smtp / pop`
			`iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 80 -j MARK --set-mark 12`
			`iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port pop3 -j MARK --set-mark 12`
			`iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port smtp -j MARK --set-mark 12`
			`tc class add dev $INET parent 1:1 classid 1:12 htb rate 60kbit ceil $MAXRATE prio 2`
			`tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 12 fw flowid 1:12`


			`# ftp / rsync / auth / icmp`
			`iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 20:21 -j MARK --set-mark 13`
			`iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port rsync -j MARK --set-mark 13`
			`iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port auth -j MARK --set-mark 13`
			`iptables -t mangle -A POSTROUTING -o $INET -p icmp -j MARK --set-mark 13`
			`tc class add dev $INET parent 1:1 classid 1:13 htb rate 20kbit ceil $MAXRATE prio 2`
			`tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 13 fw flowid 1:13`