++ cleanup

2018-03-30 14:31:55 +02:00 · 2018-03-30 14:31:55 +02:00 · e429c7adda
commit e429c7adda
parent 406bd43f4a
20 changed files with 5 additions and 844 deletions
--- a/ancient/README.md
+++ b/ancient/README.md
@ -0,0 +1,5 @@
+Only kept for historic reasons:
+
+- use at your own risk
+- use for inspiration
+- but don't use for production
--- a/ancient/qos-neu
+++ b/ancient/qos-neu
@ -0,0 +1,66 @@
+INET=ppp0
+MAXRATE=126kbit
+
+# flush
+iptables -t mangle -F
+tc qdisc del dev $INET root
+
+# group0
+# acks      6kbit
+
+# group1:
+# dns
+# ssh       40kbit
+
+# group2:   60kbit
+# apache
+# smtp
+# pop3
+
+
+# group3:   20kbit
+# identd
+# ftp
+# rsync
+# icmp
+
+# standards
+
+# root class (root o all evil)
+tc qdisc add dev $INET root handle 1:0 htb default 23
+
+# hauptklasse...       mamapapa   ichselber    alg      minimal       maximal
+tc class add dev $INET parent 1:0 classid 1:1  htb rate $MAXRATE ceil $MAXRATE
+
+# acks
+tc class add dev $INET parent 1:1 classid 1:10 htb rate 6kbit ceil $MAXRATE prio 1
+tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
+
+
+# ssh / dns
+iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 22 -j MARK --set-mark 11
+iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 53 -j MARK --set-mark 11
+iptables -t mangle -A POSTROUTING -o $INET -p udp --source-port 53 -j MARK --set-mark 11
+
+# das ist nur die rule. wie es sein soll.
+tc class add dev $INET parent 1:1 classid 1:11 htb rate 40kbit ceil $MAXRATE prio 2
+# das ist der eintrag der in aktiv macht, auf das handle (==mark)
+tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 11 fw flowid 1:11
+
+
+# apache / smtp / pop
+iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 80 -j MARK --set-mark 12
+iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port pop3 -j MARK --set-mark 12
+iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port smtp -j MARK --set-mark 12
+tc class add dev $INET parent 1:1 classid 1:12 htb rate 60kbit ceil $MAXRATE prio 2
+tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 12 fw flowid 1:12
+
+
+# ftp / rsync / auth / icmp
+iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 20:21 -j MARK --set-mark 13
+iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port rsync -j MARK --set-mark 13
+iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port auth -j MARK --set-mark 13
+iptables -t mangle -A POSTROUTING -o $INET -p icmp -j MARK --set-mark 13
+tc class add dev $INET parent 1:1 classid 1:13 htb rate 20kbit ceil $MAXRATE prio 2
+tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 13 fw flowid 1:13
+