Re: skrypt imq pod dwa łącza
Wykończony skrypcik... poprawiłem kilka bugów. Zachowuje się stabilnie
na razie. To co ma chodzic po LAN chodzi po LAN. Reszta wpada do
właściwych kolejek.
Ktoś chce potestować... po uruchomieniu skryptu isnieje możliwość
podglądu kolejek:
np.:
./htb0.5.3 stat 192.168.0.2
./htb0.5.3 stat lan
lub ./htb0.5.3 stats
Jeśli są problemy z konfiguracją to można napisac. Postaram się
wytłmaczyć co i jak:P
Testuję go od 2h. Teraz opracowywuje metodę na squida.
Jak ktoś chce pomóc to przydało by mi się info czy paczka squida z
debiana ma jakieś łatki? Konkretnie chodzi o tą co zmienia TOS.
No i czy ktoś zna skuteczne sposoby na rozróżnienie HIT od MISS?
Metoda na stringa i connmarka odpada bo nie znalazłem łatek na jądro 2.6.9:(
#!/bin/bash
#
# rc.htb 0.5.3, (C)Lenthir 2oo4, GNU GPL
# 2004-11-01 9:30
VER="0.5.3"
DAT="2004-11-01 9:30"
MAX=3330
#######################
#Konfiguracja interfejsów:
ext_dwl=2000 #prêdko¶æ ³acza(y) na ¶wiat w kbit/s
ext_upl=220
int="`/etc/router/0.cfg` `/etc/router/1.cfg` `/etc/router/2.cfg`" #adresy IP dla interfejsów lan
ext="`/etc/router/ext.cfg`" #zewnêtrzne adresy IP
srv_ext="80.53.64.3" #zewnêtrzne IP interfejsów wyj¶ciowych
lan_int="192.168.0.0/24 192.168.1.0/24 192.168.2.0/24"
int_dwl[0]=85; int_upl[0]=85
int_dwl[1]=2; int_upl[1]=2
int_dwl[2]=80; int_upl[2]=80
TC=/sbin/tc #¶cie¿ka do tc
MODPROBE=/sbin/modprobe #¶cie¿ka do modprobe
IP=/sbin/ip #¶cie¿ka do ip
IPTABLES=/usr/local/sbin/iptables #¶cie¿ka do iptables
firewall="/etc/init.d/rc.iptables restart" #jak zrestartowaæ firewall
#u_r2q=10 #r2q
u_quantum=1500 #quantum
porty_tcp="20 21 22 23 25 53 80 110 143 220 443 993 995 27015"
porty_udp="53"
pping=1 # 0 - ping w kolejce normalnej 1 - ping w kolejce priorytetowej
#######################
if [[ $ile -ge $MAX ]]
then
echo "Niedopuszczalnie du¿o komputerów!"
exit 1
fi
#######################
stop()
{
$TC qdisc del root dev imq0 2> /dev/null
$TC qdisc del root dev imq1 2> /dev/null
$IP link set imq0 down
$IP link set imq1 down
}
start()
{ stop
#Sprawdza czy wszystkie srv_ext s± te¿ w ext, jesli nie dopisuje
ipki="$ext $int"
for srvip in $srv_ext
do
if [[ `echo $ipki | grep $srvip` != $ipki ]]; then
ext="$ext $srvip"
fi
done
ile_int=`echo ${int}|awk '{print NF}'`
ile_ext=`echo ${ext}|awk '{print NF}'`
ile=$(echo "$ile_int + $ile_ext" | bc)
# download
tmp=$(echo "$ext_dwl%$ile" | bc)
min=$(echo "$ext_dwl/$ile" | bc)
pri_min=$(echo "$min/2+$min%2" | bc)
sec_min=$(echo "$min/2" | bc)
max=$ext_dwl
echo " Ilo¶æ komputerów: $ile"
echo "%===================================================================%"
echo " Ustawianie kolejki downloadu."
echo " Minimalny download: $min kbit/s"
echo " Maksymalny download: $max kbit/s"
echo " Kolejka: -priorytetowa: $pri_min kbit/s -normalna: $sec_min kbit/s"
echo " Niewykorzystane: $tmp kbit/s"
echo " "
if [[ u_r2q=="" ]]; then
$TC qdisc add dev imq0 root handle 1:0 htb
else
$TC qdisc add dev imq0 root handle 1:0 htb r2q $u_r2q
fi
$TC class add dev imq0 parent 1:0 classid 1:1 htb rate ${ext_dwl}kbit ceil ${ext_dwl}kbit
j=2
for usr in $ext
do
$TC class add dev imq0 parent 1:1 classid 1:$j htb rate ${min}kbit ceil ${max}kbit quantum $u_quantum
$TC class add dev imq0 parent 1:$j classid 1:$(($j+1)) htb rate ${pri_min}kbit ceil ${max}kbit quantum $u_quantum
$TC class add dev imq0 parent 1:$j classid 1:$(($j+2)) htb rate ${sec_min}kbit ceil ${max}kbit quantum $u_quantum
$TC qdisc add dev imq0 parent 1:$(($j+1)) sfq
$TC qdisc add dev imq0 parent 1:$(($j+2)) sfq
$TC filter add dev imq0 protocol ip parent 1:0 pref 2 u32 match ip dst $usr flowid 1:$j
for prt in $porty_tcp
do
$TC filter add dev imq0 protocol ip parent 1:$j pref 3 u32 match ip protocol 6 0xff match ip sport $prt 0xffff flowid 1:$(($j+1))
$TC filter add dev imq0 protocol ip parent 1:$j pref 3 u32 match ip protocol 6 0xff match ip dport $prt 0xffff flowid 1:$(($j+1))
done
for prt in $porty_udp
do
$TC filter add dev imq0 protocol ip parent 1:$j pref 3 u32 match ip protocol 17 0xff match ip sport $prt 0xffff flowid 1:$(($j+1))
$TC filter add dev imq0 protocol ip parent 1:$j pref 3 u32 match ip protocol 17 0xff match ip dport $prt 0xffff flowid 1:$(($j+1))
done
if [[ $pping -eq 1 ]]; then
$TC filter add dev imq0 protocol ip parent 1:$j pref 3 u32 match ip protocol 1 0xff flowid 1:$(($j+1))
fi
$TC filter add dev imq0 protocol ip parent 1:$j pref 4 u32 match ip dst $usr flowid 1:$((j+2))
let "j=j+3"
done
for usr in $int
do
$TC class add dev imq0 parent 1:1 classid 1:$j htb rate ${min}kbit ceil ${max}kbit quantum $u_quantum
$TC class add dev imq0 parent 1:$j classid 1:$(($j+1)) htb rate ${pri_min}kbit ceil ${max}kbit quantum $u_quantum
$TC class add dev imq0 parent 1:$j classid 1:$(($j+2)) htb rate ${sec_min}kbit ceil ${max}kbit quantum $u_quantum
$TC qdisc add dev imq0 parent 1:$(($j+1)) sfq
$TC qdisc add dev imq0 parent 1:$(($j+2)) sfq
$TC filter add dev imq0 protocol ip parent 1:0 pref 2 u32 match ip dst $usr flowid 1:$j
for prt in $porty_tcp
do
$TC filter add dev imq0 protocol ip parent 1:$j pref 3 u32 match ip protocol 6 0xff match ip sport $prt 0xffff flowid 1:$(($j+1))
done
for prt in $porty_udp
do
$TC filter add dev imq0 protocol ip parent 1:$j pref 3 u32 match ip protocol 17 0xff match ip sport $prt 0xffff flowid 1:$(($j+1))
done
if [[ $pping -eq 1 ]]; then
$TC filter add dev imq0 protocol ip parent 1:$j pref 3 u32 match ip protocol 1 0xff flowid 1:$(($j+1))
fi
$TC filter add dev imq0 protocol ip parent 1:$j pref 4 u32 match ip dst $usr flowid 1:$((j+2))
let "j=j+3"
done
i=0
for ntr in $lan_int
do
$TC class add dev imq0 parent 1:0 classid 1:$j htb rate ${int_dwl[$i]}Mbit ceil ${int_dwl[$i]}Mbit quantum $u_quantum
$TC qdisc add dev imq0 parent 1:$j sfq
for ipek in $ext ${lan_int}
do
$TC filter add dev imq0 protocol ip parent 1:0 pref 1 u32 match ip src $ntr match ip dst $ipek flowid 1:$j
done
let "j=j+1"
let "i=i+1"
done
$IPTABLES -t mangle -A PREROUTING -j IMQ --todev 0
$IP link set imq0 up
# upload
tmp=$(echo "$ext_upl%$ile" | bc)
min=$(echo "$ext_upl/$ile" | bc)
pri_min=$(echo "$min/2+$min%2" | bc)
sec_min=$(echo "$min/2" | bc)
max=$ext_upl
echo " Ustawianie kolejki uploadu."
echo " Maksymalny upload: $max kbit/s"
echo " Minimalny upload userów: $min kbit/s"
echo " Kolejka: -priorytetowa: $pri_min kbit/s -normalna: $sec_min kbit/s"
echo " Niewykorzystane: $tmp kbit/s"
echo "%===================================================================%"
if [[ u_r2q=="" ]]; then
$TC qdisc add dev imq1 root handle 2:0 htb
else
$TC qdisc add dev imq1 root handle 2:0 htb r2q $u_r2q
fi
$TC class add dev imq1 parent 2:0 classid 2:1 htb rate ${ext_upl}kbit ceil ${ext_upl}kbit
j=2
for usr in $ext
do
$TC class add dev imq1 parent 2:1 classid 2:$j htb rate ${min}kbit ceil ${max}kbit quantum $u_quantum
$TC class add dev imq1 parent 2:$j classid 2:$(($j+1)) htb rate ${pri_min}kbit ceil ${max}kbit quantum $u_quantum
$TC class add dev imq1 parent 2:$j classid 2:$(($j+2)) htb rate ${sec_min}kbit ceil ${max}kbit quantum $u_quantum
$TC qdisc add dev imq1 parent 2:$(($j+1)) sfq
$TC qdisc add dev imq1 parent 2:$(($j+2)) sfq
$TC filter add dev imq1 protocol ip parent 2:0 pref 2 u32 match ip src $usr flowid 2:$j
for prt in $porty_tcp
do
$TC filter add dev imq1 protocol ip parent 2:$j pref 3 u32 match ip protocol 6 0xff match ip dport $prt 0xffff flowid 2:$(($j+1))
$TC filter add dev imq1 protocol ip parent 2:$j pref 3 u32 match ip protocol 6 0xff match ip sport $prt 0xffff flowid 2:$(($j+1))
done
for prt in $porty_udp
do
$TC filter add dev imq1 protocol ip parent 2:$j pref 3 u32 match ip protocol 17 0xff match ip dport $prt 0xffff flowid 2:$(($j+1))
$TC filter add dev imq1 protocol ip parent 2:$j pref 3 u32 match ip protocol 17 0xff match ip sport $prt 0xffff flowid 2:$(($j+1))
done
if [[ $pping -eq 1 ]]; then
$TC filter add dev imq1 protocol ip parent 2:$j pref 3 u32 match ip protocol 1 0xff flowid 2:$(($j+1))
fi
$TC filter add dev imq1 protocol ip parent 2:$j pref 4 u32 match ip src $usr flowid 2:$((j+2))
let "j=j+3"
done
for usr in $int
do
$TC class add dev imq1 parent 2:1 classid 2:$j htb rate ${min}kbit ceil ${max}kbit quantum $u_quantum
$TC class add dev imq1 parent 2:$j classid 2:$(($j+1)) htb rate ${pri_min}kbit ceil ${max}kbit quantum $u_quantum
$TC class add dev imq1 parent 2:$j classid 2:$(($j+2)) htb rate ${sec_min}kbit ceil ${max}kbit quantum $u_quantum
$TC qdisc add dev imq1 parent 2:$(($j+1)) sfq
$TC qdisc add dev imq1 parent 2:$(($j+2)) sfq
$TC filter add dev imq1 protocol ip parent 2:0 pref 2 u32 match ip src $usr flowid 2:$j
for prt in $porty_tcp
do
$TC filter add dev imq1 protocol ip parent 2:$j pref 3 u32 match ip protocol 6 0xff match ip dport $prt 0xffff flowid 2:$(($j+1))
done
for prt in $porty_udp
do
$TC filter add dev imq1 protocol ip parent 2:$j pref 3 u32 match ip protocol 17 0xff match ip dport $prt 0xffff flowid 2:$(($j+1))
done
if [[ $pping -eq 1 ]]; then
$TC filter add dev imq1 protocol ip parent 2:$j pref 3 u32 match ip protocol 1 0xff flowid 2:$(($j+1))
fi
$TC filter add dev imq1 protocol ip parent 2:$j pref 4 u32 match ip src $usr flowid 2:$((j+2))
let "j=j+3"
done
i=0
for ntr in $lan_int
do
$TC class add dev imq1 parent 2:0 classid 2:$j htb rate ${int_upl[$i]}Mbit ceil ${int_upl[$i]}Mbit quantum $u_quantum
$TC qdisc add dev imq1 parent 2:$j sfq
for ipek in $ext ${lan_int}
do
$TC filter add dev imq1 protocol ip parent 2:0 pref 1 u32 match ip dst $ntr match ip src $ipek flowid 2:$j
done
let "j=j+1"
let "i=i+1"
done
$IPTABLES -t mangle -A POSTROUTING -j IMQ --todev 1
$IP link set imq1 up
}
echo "rc.htb $VER, (C)Lenthir 2oo4, GNU GPL"
echo "$DAT"
case "$1" in
'start')
echo "Uruchamianie kolejkowania..."
start
echo "Gotowe."
exit 0
;;
'stop')
echo -n "Zatrzymywanie kolejkowania..."
stop
echo " wykonano."
;;
'restart')
echo "Restartowanie kolejkowania..."
$firewall
start
echo "Gotowe."
;;
'status')
echo "Klasy na interfejsie imq0!"
echo "%====================================%"
$TC class show dev imq0 | grep root
$TC class show dev imq0 | grep -v root | sort | nl
echo "Klasy na interfejsie imq1!"
echo "%====================================%"
$TC class show dev imq1 | grep root
$TC class show dev imq1 | grep -v root | sort | nl
;;
'stat')
if [[ "$2" == "" ]]; then
echo "Script need second argument - adress IP"
exit 1
elif [[ "$2" == "lan" ]]; then
j=2
for usr in $ext
do
let "j=j+3"
done
for usr in $int
do
let "j=j+3"
done
i=0;trs="echo \"Transfer w LAN\""
for uvs in $lan_int
do
trs="$trs && echo \"Lan[$i]:\" && tc -s class show dev imq0 | grep -A 3 \"htb 1:$j \" && tc -s class show dev imq1 | grep -A 3 \"htb 2:$j \""
let "j=j+1"
let "i=i+1"
done
watch -d -n 1 "$trs"
else
j=2
for usr in $ext
do
if [[ "$2" == "$usr" ]]; then
watch -d -n 1 "echo \"Download: \" && tc -s class show dev imq0 | grep -A 3 \"htb 1:$j \" && tc -s class show dev imq0 | grep -A 3 \"1:$(($j+1)) \" && tc -s class show dev imq0 | grep -A 3 \"1:$(($j+2)) \" && echo && echo \"Upload: \" && tc -s class show dev imq1 | grep -A 3 \"htb 2:$j \" && tc -s class show dev imq1 | grep -A 3 \"2:$(($j+1)) \" && tc -s class show dev imq1 | grep -A 3 \"2:$(($j+2)) \""
echo "Zakoñczono."
exit 0
fi
let "j=j+3"
done
for usr in $int
do
if [[ "$2" == "$usr" ]]; then
watch -d -n 1 "echo \"Download: \" && tc -s class show dev imq0 | grep -A 3 \"htb 1:$j \" && tc -s class show dev imq0 | grep -A 3 \"1:$(($j+1)) \" && tc -s class show dev imq0 | grep -A 3 \"1:$(($j+2)) \" && echo && echo \"Upload: \" && tc -s class show dev imq1 | grep -A 3 \"htb 2:$j \" && tc -s class show dev imq1 | grep -A 3 \"2:$(($j+1)) \" && tc -s class show dev imq1 | grep -A 3 \"2:$(($j+2)) \""
echo "Zakoñczono."
exit 0
fi
let "j=j+3"
done
fi
;;
*)
echo
echo "U¿ycie: rc.htb start|stop|restart|status"
echo "rc.htb stat <lan|adress IP>"
exit 1
;;
esac
Reply to: