[lms] Re: Problem z uruchomieniem modułu tc lmsd

Matys Łukasz KOMSTER Sp. z o.o. napisał(a):

...

A może ktoś podesłać konfiga od tego skryptu perlowego. W dokumentacji jakoś się nie dokopałem. U mnie lmsd działa bez kłopotu, choć nie wiem czy tak jak bym chciał. i mam wprowadzoną zmianę na sfq. KL

Mozna prosic na priva wersje na sfq tc-lmsd? Pozdrawiam.

begin #!/bin/sh IPT=/sbin/iptables TC=/sbin/tc LAN=eth2 WAN=eth1 BURST="burst 10k"

if [ "$1" == "stop" ] then $IPT -t mangle -D FORWARD -i $LAN -j LIMITSTC >/dev/null 2>&1 $IPT -t mangle -D FORWARD -o $LAN -j LIMITSTC >/dev/null 2>&1 $IPT -t mangle -F LIMITSTC >/dev/null 2>&1 $IPT -t mangle -X LIMITSTC >/dev/null 2>&1 $IPT -t mangle -F OUTPUT $IPT -t filter -F FORWARD $TC qdisc del dev $LAN root 2> /dev/null $TC qdisc del dev $WAN root 2> /dev/null

$IPT -t mangle -D FORWARD -i $LAN -j LIMITSTC >/dev/null 2>&1 $IPT -t mangle -D FORWARD -o $LAN -j LIMITSTC >/dev/null 2>&1 $IPT -t mangle -F LIMITSTC >/dev/null 2>&1 $IPT -t mangle -X LIMITSTC >/dev/null 2>&1 $IPT -t mangle -F OUTPUT $IPT -t filter -F FORWARD $TC qdisc del dev $LAN root 2> /dev/null $TC qdisc del dev $WAN root 2> /dev/null exit fi if [ "$1" == "start" ] then

$IPT -t mangle -N LIMITSTC $IPT -t mangle -I FORWARD -i $LAN -j LIMITSTC $IPT -t mangle -I FORWARD -o $LAN -j LIMITSTC # incomming traffic $IPT -t mangle -A OUTPUT -j MARK --set-mark 1 $TC qdisc add dev $LAN root handle 1:0 htb default 3 r2q 1 $TC class add dev $LAN parent 1:0 classid 1:1 htb rate 99000kbit ceil 99000kbit quantum 1500 $TC class add dev $LAN parent 1:1 classid 1:2 htb rate 8192kbit ceil 8192kbit $TC class add dev $LAN parent 1:1 classid 1:3 htb rate 98500kbit ceil 98500kbit prio 9 quantum 1500 $TC qdisc add dev $LAN parent 1:3 sfq perturb 10 # priorities for ICMP, TOS 0x10 and ports 22 and 53 $TC class add dev $LAN parent 1:2 classid 1:20 htb rate 400kbit ceil 8192kbit $BURST prio 1 quantum 1500 $TC qdisc add dev $LAN parent 1:20 sfq perturb 10 $TC filter add dev $LAN parent 1:0 protocol ip prio 2 u32 match ip sport 20 0xffff flowid 1:20 $TC filter add dev $LAN parent 1:0 protocol ip prio 2 u32 match ip sport 21 0xffff flowid 1:20 $TC filter add dev $LAN parent 1:0 protocol ip prio 2 u32 match ip sport 22 0xffff flowid 1:20 $TC filter add dev $LAN parent 1:0 protocol ip prio 2 u32 match ip sport 23 0xffff flowid 1:20 $TC filter add dev $LAN parent 1:0 protocol ip prio 2 u32 match ip sport 25 0xffff flowid 1:20 $TC filter add dev $LAN parent 1:0 protocol ip prio 2 u32 match ip sport 53 0xffff flowid 1:20 $TC filter add dev $LAN parent 1:0 protocol ip prio 2 u32 match ip sport 80 0xffff flowid 1:20 $TC filter add dev $LAN parent 1:0 protocol ip prio 2 u32 match ip sport 110 0xffff flowid 1:20 $TC filter add dev $LAN parent 1:0 protocol ip prio 2 u32 match ip src 213.134.138.181/32 flowid 1:20 $TC filter add dev $LAN parent 1:0 protocol ip prio 1 u32 match ip tos 0x10 0xff flowid 1:20 $TC filter add dev $LAN parent 1:0 protocol ip prio 1 u32 match ip protocol 1 0xff flowid 1:20 # serwer -> LAN #$TC filter add dev $LAN parent 1:0 protocol ip prio 4 handle 1 fw flowid 1:3

# outgoing traffic $TC qdisc add dev $WAN root handle 2:0 htb default 11 r2q 1 $TC class add dev $WAN parent 2:0 classid 2:1 htb rate 8192kbit ceil 8192kbit # priorities for ACK, ICMP, TOS 0x10, ports 22 and 53 $TC class add dev $WAN parent 2:1 classid 2:10 htb rate 2048kbit ceil 8192kbit prio 1 quantum 1500 $TC qdisc add dev $WAN parent 2:10 sfq perturb 10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 1 match u8 0x10 0xff at 33 flowid 2:10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip dport 20 0xffff flowid 2:10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip dport 21 0xffff flowid 2:10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip dport 22 0xffff flowid 2:10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip dport 25 0xffff flowid 2:10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip dport 53 0xffff flowid 2:10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip dport 80 0xffff flowid 2:10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip dport 110 0xffff flowid 2:10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip dst 213.134.138.181/32 flowid 2:10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip tos 0x10 0xff flowid 2:10 $TC filter add dev $WAN parent 2:0 protocol ip prio 1 u32 match ip protocol 1 0xff flowid 2:10 # serwer -> Internet $TC class add dev $WAN parent 2:1 classid 2:11 htb rate 1024kbit ceil 2048kbit prio 2 quantum 1500 $TC qdisc add dev $WAN parent 2:11 sfq perturb 10 $TC filter add dev $WAN parent 2:0 protocol ip prio 3 handle 1 fw flowid 2:11 $TC filter add dev $WAN parent 2:0 protocol ip prio 9 u32 match ip dst 0/0 flowid 2:11 \n

end exit fi if [ "$1" == "status" ] then echo "WAN Interface" echo "=============" $TC class show dev $WAN | grep root $TC class show dev $WAN | grep -v root | sort | nl echo "LAN Interface" echo "=============" $TC class show dev $LAN | grep root $TC class show dev $LAN | grep -v root | sort | nl exit fi echo "$0 start|stop|status" ## KONIEC

host_htb_down $TC class add dev $LAN parent 1:2 classid 1:%x htb rate %downratekbit ceil %downceilkbit $BURST prio 2 quantum 1500 \n $TC qdisc add dev $LAN parent 1:%x sfq perturb 10 \n $TC filter add dev $LAN parent 1:0 protocol ip prio 5 handle %x fw flowid 1:%x \n

host_htb_up $TC class add dev $WAN parent 2:1 classid 2:%x htb rate %upratekbit ceil %upceilkbit $BURST prio 2 quantum 1500 \n $TC qdisc add dev $WAN parent 2:%x sfq perturb 10 \n $TC filter add dev $WAN parent 2:0 protocol ip prio 5 handle %x fw flowid 2:%x \n

host_mark_down $IPT -t mangle -A LIMITSTC -d %i -j MARK --set-mark %x \n

$IPT -t mangle -A LIMITSTC -s %i -j MARK --set-mark %x \n

Tyle że to jest dla dośc sporego łącza

KL