Created
January 7, 2015 02:29
-
-
Save sammy8806/b25d2d1f7c6d14260da6 to your computer and use it in GitHub Desktop.
Linux-QoS (Traffic Shaping) mit TC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## Definitionen von wichtigen Variablen | |
| # Maximaler Upload in kbit | |
| MAX_UP="445" | |
| # WAN-Interface | |
| IFACE="eth0" | |
| # Standart-Queue für nicht gefilterte Pakete | |
| DEFQ="12" | |
| # Aktiviere Debug-Ausgaben? | |
| DEBUG=1 | |
| ## Programme | |
| IPT=iptables | |
| TC=tc | |
| ## Definition von Kürzeln | |
| TCQA="$TC qdisc add dev $IFACE" | |
| TCCA="$TC class add dev $IFACE" | |
| TCFA="$TC filter add dev $IFACE" | |
| IPT_APM_IF="iptables -A POSTROUTING -t mangle -o $IFACE" | |
| # Usage: <percent> <max> | |
| function percent() { | |
| MAX_UP=$2 | |
| PERC=$1 | |
| python -c "from math import ceil; print int(ceil( ${MAX_UP} * ( float(${PERC}) / 100 ) ))" | |
| } | |
| # Usage: <cmd-string> | |
| function cmd() { | |
| CMD=$1 | |
| if [[ "$DEBUG" == "1" ]]; then | |
| echo -e "#> $CMD" | |
| fi | |
| $CMD | |
| } | |
| ## Löschen aller Klassen für $IFACE und der Filterregeln | |
| cmd "$TC qdisc del dev $IFACE root" | |
| cmd "$IPT -t mangle -F" | |
| ##### | |
| # TC | |
| ##### | |
| ## Aktivieren der Default queue für $IFACE | |
| cmd "$TCQA root handle 1: htb default $DEFQ" | |
| ## Einrichten der Max-Rate | |
| cmd "$TCCA parent 1: classid 1:1 htb rate ${MAX_UP}kbit ceil ${MAX_UP}kbit" | |
| ## Ultra-Class für kleine Pakete bis 64 Bytes (SYN/ACK, ACK) => (5% der Gesamten Leitung reserviert) | |
| cmd "$TCCA parent 1:1 classid 1:10 htb rate `percent 5 $MAX_UP`kbit ceil `percent 20 $MAX_UP`kbit prio 0" | |
| ## Prio-Class für Echtzeitanwendungen => (20% reserviert) | |
| cmd "$TCCA parent 1:1 classid 1:11 htb rate `percent 20 $MAX_UP`kbit ceil `percent 90 $MAX_UP`kbit prio 1" | |
| ## Normal-Class für den rest | |
| cmd "$TCCA parent 1:1 classid 1:12 htb rate `percent 10 $MAX_UP`kbit ceil `percent 95 $MAX_UP`kbit prio 2" | |
| ## Bad-Class für Handys | |
| cmd "$TCCA parent 1:1 classid 1:13 htb rate `percent 5 $MAX_UP`kbit ceil `percent 50 $MAX_UP`kbit prio 3" | |
| ##### | |
| # Firewall | |
| ##### | |
| ## Ultra-Class | |
| cmd "$IPT_APM_IF -p tcp -m length --length :64 -j MARK --set-mark 10" | |
| ## Prio-Class | |
| # SSH | |
| cmd "$IPT_APM_IF -p tcp --dport 22 -j MARK --set-mark 11" | |
| # TS3 | |
| cmd "$IPT_APM_IF -p udp --dport 9987 -j MARK --set-mark 11" | |
| # DNS | |
| cmd "$IPT_APM_IF -p udp --dport 52 -j MARK --set-mark 11" | |
| ## Normal-Class | |
| # HTTP(s) | |
| #cmd "$IPT_APM_IF -p tcp --dport 80 -j MARK --set-mark 12" | |
| #cmd "$IPT_APM_IF -p tcp --dport 443 -j MARK --set-mark 12" | |
| ## Bad-Class | |
| cmd "iptables -A PREROUTING -t mangle -i eth1 -m iprange --src-range 172.16.1.0-172.16.1.254 -j MARK --set-mark 13" | |
| ## Binden der Klassen an die Marker | |
| cmd "$TCFA parent 1: prio 0 protocol ip handle 10 fw flowid 1:10" | |
| cmd "$TCFA parent 1: prio 0 protocol ip handle 11 fw flowid 1:11" | |
| cmd "$TCFA parent 1: prio 0 protocol ip handle 12 fw flowid 1:12" | |
| cmd "$TCFA parent 1: prio 0 protocol ip handle 13 fw flowid 1:13" | |
| ## Bisschen RRD muss sein | |
| cmd "$TCQA parent 1:10 handle 10: sfq perturb 10" | |
| cmd "$TCQA parent 1:11 handle 11: sfq perturb 10" | |
| cmd "$TCQA parent 1:12 handle 12: sfq perturb 10" | |
| cmd "$TCQA parent 1:13 handle 13: sfq perturb 10" | |
| ## Anzeigen aller Ergebnisse | |
| echo "\n-- qdisc" | |
| tc qdisc show dev $IFACE | |
| echo "\n-- class" | |
| tc class show dev $IFACE | |
| echo "\n-- filter" | |
| tc filter show dev $IFACE | |
| echo "\n-- iptables" | |
| iptables -L -t mangle |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment