INET=ppp0
MAXRATE=126kbit

# flush
iptables -t mangle -F
tc qdisc del dev $INET root

# group0
# acks      6kbit

# group1:
# dns
# ssh       40kbit

# group2:   60kbit
# apache
# smtp
# pop3


# group3:   20kbit
# identd
# ftp
# rsync
# icmp

# standards

# root class (root o all evil)
tc qdisc add dev $INET root handle 1:0 htb default 23

# hauptklasse...       mamapapa   ichselber    alg      minimal       maximal
tc class add dev $INET parent 1:0 classid 1:1  htb rate $MAXRATE ceil $MAXRATE

# acks
tc class add dev $INET parent 1:1 classid 1:10 htb rate 6kbit ceil $MAXRATE prio 1
tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10


# ssh / dns
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 22 -j MARK --set-mark 11
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 53 -j MARK --set-mark 11
iptables -t mangle -A POSTROUTING -o $INET -p udp --source-port 53 -j MARK --set-mark 11

# das ist nur die rule. wie es sein soll.
tc class add dev $INET parent 1:1 classid 1:11 htb rate 40kbit ceil $MAXRATE prio 2
# das ist der eintrag der in aktiv macht, auf das handle (==mark)
tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 11 fw flowid 1:11


# apache / smtp / pop
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 80 -j MARK --set-mark 12
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port pop3 -j MARK --set-mark 12
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port smtp -j MARK --set-mark 12
tc class add dev $INET parent 1:1 classid 1:12 htb rate 60kbit ceil $MAXRATE prio 2
tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 12 fw flowid 1:12


# ftp / rsync / auth / icmp
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port 20:21 -j MARK --set-mark 13
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port rsync -j MARK --set-mark 13
iptables -t mangle -A POSTROUTING -o $INET -p tcp --source-port auth -j MARK --set-mark 13
iptables -t mangle -A POSTROUTING -o $INET -p icmp -j MARK --set-mark 13
tc class add dev $INET parent 1:1 classid 1:13 htb rate 20kbit ceil $MAXRATE prio 2
tc filter add dev $INET parent 1:0 prio 0 protocol ip handle 13 fw flowid 1:13