Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.
| — |
qos.sh [2010/08/06 12:57] (Version actuelle) |
||
|---|---|---|---|
| Ligne 1: | Ligne 1: | ||
| + | Ce script n'est là que a titre indicatif, et pour sauvegarde, il n'est pas encore en production sur ma workstation, et il présente encore des boulettes. | ||
| + | <code> | ||
| + | #!/bin/bash | ||
| + | |||
| + | # Constantes | ||
| + | LOCALNET="213.41.185.56/255.255.255.255" | ||
| + | MARKPRIO1="1" | ||
| + | MARKPRIO2="2" | ||
| + | MARKPRIO3="3" | ||
| + | MARKPRIO4="4" | ||
| + | MARKPRIO5="5" | ||
| + | MARKPRIO6="6" | ||
| + | MARKPRIO7="7" | ||
| + | |||
| + | IFACE=eth0 | ||
| + | |||
| + | UPRATE="8mbit" | ||
| + | DOWNRATE="0.8mbit" | ||
| + | |||
| + | PRIORATE1="5mbit" | ||
| + | PRIORATE2="3mbit" | ||
| + | PRIORATE3="2mbit" | ||
| + | PRIORATE4="0.5mbit" | ||
| + | |||
| + | QUANTUM1="12187" | ||
| + | QUANTUM2="8625" | ||
| + | QUANTUM3="5062" | ||
| + | QUANTUM4="1500" | ||
| + | |||
| + | BURST1="1000k" | ||
| + | BURST2="400k" | ||
| + | BURST3="200k" | ||
| + | BURST4="10k" | ||
| + | |||
| + | CBURST1="300k" | ||
| + | CBURST2="200k" | ||
| + | CBURST3="10k" | ||
| + | CBURST4="1k" | ||
| + | |||
| + | iptables -t mangle -F OUTPUT | ||
| + | iptables -t mangle -F FORWARD | ||
| + | |||
| + | iptables -t mangle -A FORWARD -p icmp -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A OUTPUT -p icmp -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A INPUT -p icmp -j MARK --set-mark $MARKPRIO1 | ||
| + | |||
| + | iptables -t mangle -A FORWARD -p tcp --dport 22 -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A OUTPUT -p tcp --dport 22 -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A INPUT -p tcp --dport 22 -j MARK --set-mark $MARKPRIO1 | ||
| + | |||
| + | iptables -t mangle -A FORWARD -p tcp --dport 687 -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A OUTPUT -p tcp --dport 687 -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A INPUT -p tcp --dport 687 -j MARK --set-mark $MARKPRIO1 | ||
| + | |||
| + | iptables -t mangle -A FORWARD -p udp --dport 687 -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A OUTPUT -p udp --dport 687 -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A INPUT -p udp --dport 687 -j MARK --set-mark $MARKPRIO1 | ||
| + | |||
| + | iptables -t mangle -A FORWARD -p tcp --dport 5060 -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A OUTPUT -p tcp --dport 5060 -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A INPUT -p tcp --dport 5060 -j MARK --set-mark $MARKPRIO1 | ||
| + | |||
| + | iptables -t mangle -A FORWARD -p udp --dport 5060 -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A OUTPUT -p udp --dport 5060 -j MARK --set-mark $MARKPRIO1 | ||
| + | iptables -t mangle -A INPUT -p udp --dport 5060 -j MARK --set-mark $MARKPRIO1 | ||
| + | |||
| + | |||
| + | iptables -t mangle -A FORWARD -p tcp --dport 25 -j MARK --set-mark $MARKPRIO3 | ||
| + | iptables -t mangle -A OUTPUT -p tcp --dport 25 -j MARK --set-mark $MARKPRIO3 | ||
| + | |||
| + | iptables -t mangle -A FORWARD -p tcp --dport 143 -j MARK --set-mark $MARKPRIO3 | ||
| + | iptables -t mangle -A OUTPUT -p tcp --dport 143 -j MARK --set-mark $MARKPRIO3 | ||
| + | |||
| + | iptables -t mangle -A FORWARD -p tcp --dport 80 -j MARK --set-mark $MARKPRIO2 | ||
| + | iptables -t mangle -A OUTPUT -p tcp --dport 80 -j MARK --set-mark $MARKPRIO2 | ||
| + | iptables -t mangle -A INPUT -p tcp --dport 80 -j MARK --set-mark $MARKPRIO2 | ||
| + | |||
| + | iptables -t mangle -A FORWARD -p tcp --dport 443 -j MARK --set-mark $MARKPRIO2 | ||
| + | iptables -t mangle -A OUTPUT -p tcp --dport 443 -j MARK --set-mark $MARKPRIO2 | ||
| + | iptables -t mangle -A INPUT -p tcp --dport 443 -j MARK --set-mark $MARKPRIO2 | ||
| + | |||
| + | iptables -t mangle -A FORWARD -p tcp --dport 21 -j MARK --set-mark $MARKPRIO3 | ||
| + | iptables -t mangle -A OUTPUT -p tcp --dport 21 -j MARK --set-mark $MARKPRIO3 | ||
| + | iptables -t mangle -A INPUT -p tcp --dport 21 -j MARK --set-mark $MARKPRIO3 | ||
| + | |||
| + | ifconfig $IFACE txqueuelen 128 | ||
| + | |||
| + | tc qdisc add dev $IFACE root handle 1:0 htb default 103 r2q 1 | ||
| + | tc class add dev $IFACE parent 1:0 classid 1:1 htb rate $UPRATE burst $BURST1 cburst $CBURST1 | ||
| + | |||
| + | tc class add dev $IFACE parent 1:1 classid 1:101 htb rate $PRIORATE1 ceil $UPRATE quantum $QUANTUM1 burst $BURST1 cburst $CBURST1 prio 0 | ||
| + | tc class add dev $IFACE parent 1:1 classid 1:102 htb rate $PRIORATE2 ceil $UPRATE quantum $QUANTUM2 burst $BURST2 cburst $CBURST2 prio 1 | ||
| + | tc class add dev $IFACE parent 1:1 classid 1:103 htb rate $PRIORATE3 ceil $UPRATE quantum $QUANTUM3 burst $BURST3 cburst $CBURST3 prio 2 | ||
| + | tc class add dev $IFACE parent 1:1 classid 1:104 htb rate $PRIORATE4 ceil $P2PRATE quantum $QUANTUM4 burst $BURST4 cburst $CBURST4 prio 3 | ||
| + | |||
| + | tc filter add dev $IFACE parent 1:0 protocol ip prio 0 handle $MARKPRIO1 fw classid 1:101 | ||
| + | tc filter add dev $IFACE parent 1:0 protocol ip prio 1 handle $MARKPRIO2 fw classid 1:102 | ||
| + | tc filter add dev $IFACE parent 1:0 protocol ip prio 2 handle $MARKPRIO3 fw classid 1:103 | ||
| + | tc filter add dev $IFACE parent 1:0 protocol ip prio 3 handle $MARKPRIO4 fw classid 1:104 | ||
| + | |||
| + | tc qdisc add dev $IFACE parent 1:101 sfq perturb 16 quantum $QUANTUM1 | ||
| + | tc qdisc add dev $IFACE parent 1:102 sfq perturb 16 quantum $QUANTUM2 | ||
| + | tc qdisc add dev $IFACE parent 1:103 sfq perturb 16 quantum $QUANTUM3 | ||
| + | tc qdisc add dev $IFACE parent 1:104 sfq perturb 16 quantum $QUANTUM4 | ||
| + | </code> | ||