jablonka.czprosek.czf

qos

 Subversion Repositories:
[/] [trunk/] [qos] - Blame information for rev 31

 

Line No. Rev Author Line
12simandl#!/bin/sh
2#
3# CZFree.Net RFC-QoS script
4#
526simandl# date: 30/06/2008
628simandl# authors: Rakerihoo, Fyzik, Libor, Dzus, Bonez, Simandl, Danny, Sinda
72simandl# references: http://www.lartc.org/
8# http://luxik.cdi.cz/~devik/qos/htb/
928simandl# http://connected.prosek.czf/forum/showthread.php?s=&threadid=9
1013simandl# http://www.simandl.cz/stranky/linux/qos/soubory/qos_base
114simandl# version: 2.1.6
1229simandl# ps ver : 0.1.9
132simandl#
14# Changelog
15#
1631simandl# 04/12/08 [sinda] doplnena podpora pro RTP dle ip operatoru fayn.cz, mujtelefon.cz, netphone.cz, aps.sbohempevnalinko.cz, fax.sipcz.net
17# 01/12/08 [sinda] File download over http do class unsupported (TERASPACE-GMBH, yandex.ru, ...)
1830simandl# 04/11/08 [simandl] podpora pro hry "Battlefield" a "Call of Duty"
1929simandl# 13/10/08 [simandl] podpora pro hru "Warhammer Online"
2028simandl# 28/09/08 [simandl] doplneni chybejicich autoru a zmena v references 10.24.1.2 na connected.prosek.czf
2127simandl# 05/08/08 [simandl] podpora pro Americas Army
2226simandl# 30/06/08 [simandl] podpora pro L2TP port 1701 UDP
2325simandl# 09/03/08 [simandl] podpora pro noncontrib
2423simandl# 01/12/07 [simandl] doplnena podpora pro hru "World Of Warcraft" 8085 3724
2519simandl# 09/08/07 [sinda] doplnena podpora pro hru "Counter-Strike Source" UDP 270xx
2618simandl# 26/07/07 [sinda] doplnena podpora pro RTP ha-vel.cz a 802.cz dle ip adresy rtp serveru operatora
2715simandl# 31/08/06 [simandl] doplnena podpora pro definici rychlosti a delitelu pro kazdy iface zvlast v souboru iface_conf
2814simandl# 14/07/06 [sinda] doplneny porty pro hru Quake 3 arena
2913simandl# 17/01/06 [simandl] doplneny TOSy pro ha-vel a hlas.802.cz do VoIP tridy 50
30# 12/12/05 [simandl] preskupeny protokoly trid - 40 mail&data 50 voip 60 web&squid - tak aby byly rovnomerne vyuzite
3110simandl# 23/11/05 [simandl] doplneny porty pro Lineage2 a Teamspeak
329simandl# 22/11/05 [danny] DSCP/ToS filtry pro SIP/RTP (VoIP), maximum reliability [DEV]
338simandl# 20/11/05 [simandl] doplnen port pro RTP
346simandl# 14/11/05 [simandl] doplneny porty pro SIP a gnomemeeting
355simandl# 08/11/05 [simandl] doplneny porty pro H.323
36# 19/08/05 [simandl] doplneny porty pro hru DarkEden
374simandl# 30/10/04 [dzus] oprava parseru MTU, vylepseni kontroly konfig. souboru
38# 27/10/04 [bonez] OpenVPN pridano do data transfer class
39# 05/06/04 [dzus] do interactive class pridan BZFlag, uprava parseru konfig souboru
402simandl# 18/02/04 [dzus] SCP zarazeno do download class (rozliseno podle TOS maximize throughput)
41# 04/01/04 [dzus] podpora pro Jedi Knight, oprava prio u filtru, oprava filtru na FTP, zruseni PPTP class
42# 20/11/03 [dzus] zrusena H323 class, pridan filtr na TCP ACK, nastaveni quantum podle MTU
43# 28/09/03 [dzus] oprava bugu ve filtrech (bez prio to nechodi dobre)
44# 27/09/03 [dzus] konfigurace interfacu se nacita z ext souboru, pridan TOS minimize delay filtr
45# 20/09/03 [dzus] vyhazeni marku z IPtables, nyni pouze filtry v tc
46# 01/09/03 [dzus] vynechani internetoveho rozhrani z konfigurace
47# 07/08/03 [fyzik] preference Inetoveho traffiku
48# 31/07/03 [fyzik] podpora pro HL@tchor, airfree, fixes
49# 05/05/03 [fyzik] podpora pro IRC, PPTP, H323, LDAP, DC, NTP
50# 04/05/03 [fyzik] napsal uvod
51# 01/05/03 [fyzik] non-CZF-RFC, inspirovan Liborovym Heaven QoS
52# 00/03/03 [Rakerihoo] napsal RFC-QoS :)
53#
54# ToDo
55# * zkusit a otestovat podtridy CZF-transfer, CZF-klient, CZF-shared a markovanat podle MAC
56# * pridat podporu ostatnich interaktivnich games
57 
58 
59### Configuration START
60 
6121simandlIFACECONFFILE='/etc/qos/iface_conf'
62IPADDRFILE="/etc/qos/ip_adresy"
632simandl 
6415simandl#default speeds and dividers
65DNONCZFSPD='64'
6625simandlDNONCONTRIBSPD='64'
6718simandlDAIRFREESPD='2048'
6815simandlDSSHDIV='2'
69DPINGDIV='2'
70DINTERACTDIV='2'
71DVOIPDIV='2'
72DWWWDIV='2'
73DXFERDIV='4'
74DDFLTDIV='8'
7513simandl 
762simandl### Configuration STOP
77 
78if [ ! -f $IFACECONFFILE ]
79then
80 echo "Interface configuration file doesn't exist - program terminated" 1>&2
81 exit 1
82fi
83 
844simandlIFACECONF=`grep -v '^[[:space:]]*#' $IFACECONFFILE`
85IFACECONF=`echo $IFACECONF | sed -e 's/[[:space:]]*}[[:space:]]*/}\\\n/g'`
86FACES=`echo -e $IFACECONF | sed -e 's/^[[:space:]]*interface[[:space:]]\+\([[:alnum:]]\+\).*/\1/;t;d'`
872simandl 
88echo "Applying CZF-QOS rules"
89 
90echo "-Set global variables"
91IPTABLES="`which iptables`"
92TC="`which tc`"
93IP="`which ip`"
94IPT_RESTORE="`which iptables-restore`"
95 
96STOCHASIS="sfq perturb 10"
97 
98QUANTUMOFFS="500"
99 
100#$IPT_RESTORE < /etc/network/iptables
101 
102echo "-Remove Qdisc root classes"
103for FACE in ${FACES} ; do
104 $TC qdisc del dev ${FACE} root &>/dev/null
10515simandl#echo $FACE
1062simandldone
107 
108## qoseni podle IP - priklad
109if [ -f $IPADDRFILE ]
110then
1114simandl NONCZF="`sed -e 's/^[[:space:]]*\([[:digit:].,/]\+\)[[:space:]].*NONCZF[[:space:]]*\+/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
112 NONCZF="$NONCZF `sed -e 's/^.*[[:space:]]\+NONCZF[[:space:]]\+\([[:digit:].,/]\+\)[[:space:]]*/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
11325simandl NONCONTRIB="`sed -e 's/^[[:space:]]*\([[:digit:].,/]\+\)[[:space:]].*NONCONTRIB[[:space:]]*\+/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
114 NONCONTRIB="$NONCONTRIB `sed -e 's/^.*[[:space:]]\+NONCONTRIB[[:space:]]\+\([[:digit:].,/]\+\)[[:space:]]*/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
1154simandl AIRFREE="`sed -e 's/^[[:space:]]*\([[:digit:].,/]\+\)[[:space:]].*AIRFREE[[:space:]]*\+/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
116 AIRFREE="$AIRFREE `sed -e 's/^.*[[:space:]]\+AIRFREE[[:space:]]\+\([[:digit:].,/]\+\)[[:space:]]*/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
1172simandlfi
118 
119set_qos_classes () {
120 echo "-Initializing QoS_base rules on interface $FACE (speed $SPEED)"
121 
122 $TC qdisc add dev ${FACE} root handle 1: htb default 300 r2q 2
123 $TC class add dev ${FACE} parent 1: classid 1:1 htb rate $((${SPEED}/2))kbit ceil ${SPEED}kbit burst 15k quantum ${QUANTUM}
12414simandl $TC class add dev ${FACE} parent 1:1 classid 1:5 htb rate 64kbit ceil $((${SPEED}/${SSHDIV}))kbit burst 5k prio 0 # SSH class
125 $TC class add dev ${FACE} parent 1:1 classid 1:10 htb rate 64kbit ceil $((${SPEED}/${INTERACTDIV}))kbit burst 5k prio 1 # interactive class
126 $TC class add dev ${FACE} parent 1:1 classid 1:20 htb rate 32kbit ceil $((${SPEED}/${PINGDIV}))kbit burst 5k prio 0
127 $TC class add dev ${FACE} parent 1:1 classid 1:30 htb rate 32kbit ceil 128kbit burst 5k prio 0 # routing class
12813simandl $TC class add dev ${FACE} parent 1:1 classid 1:40 htb rate 32kbit ceil $((${SPEED}/${XFERDIV}))kbit burst 5k prio 4 # email & data transfer class
129 $TC class add dev ${FACE} parent 1:1 classid 1:50 htb rate 32kbit ceil $((${SPEED}/${VOIPDIV}))kbit burst 5k prio 1 # voip class
130 $TC class add dev ${FACE} parent 1:1 classid 1:60 htb rate 32kbit ceil $((${SPEED}/${WWWDIV}))kbit burst 8k prio 3 # web & squid class
131 $TC class add dev ${FACE} parent 1:1 classid 1:300 htb rate 32kbit ceil $((${SPEED}/${DFLTDIV}))kbit burst 1k prio 5 # default trafic class
1322simandl $TC class add dev ${FACE} parent 1:1 classid 1:666 htb rate 32kbit ceil ${NONCZFSPD}kbit burst 1k prio 5 # unsupported trafic class
133 $TC class add dev ${FACE} parent 1:1 classid 1:667 htb rate 32kbit ceil ${AIRFREESPD}kbit burst 1k prio 4 # local wireless free band
13425simandl $TC class add dev ${FACE} parent 1:1 classid 1:668 htb rate 32kbit ceil ${NONCONTRIBSPD}kbit burst 1k prio 5 # non contributors trafic class
1354simandl# $TC class add dev ${FACE} parent 1:1 classid 1:999 htb rate 32kbit ceil $((${SPEED}/2))kbit burst 8k prio 4 # Inet traffic class
1362simandl 
137 $TC qdisc add dev ${FACE} parent 1:5 handle 5: $STOCHASIS # SSH sub-classes
138 $TC qdisc add dev ${FACE} parent 1:10 handle 10: $STOCHASIS # interactive sub-classes
139 $TC qdisc add dev ${FACE} parent 1:20 handle 20: $STOCHASIS # ping sub-classes
140 $TC qdisc add dev ${FACE} parent 1:30 handle 30: $STOCHASIS # routing sub-classes
14113simandl $TC qdisc add dev ${FACE} parent 1:40 handle 40: $STOCHASIS # email & data transfer sub-classes
142 $TC qdisc add dev ${FACE} parent 1:50 handle 50: $STOCHASIS # voip sub-classes
143 $TC qdisc add dev ${FACE} parent 1:60 handle 60: $STOCHASIS # web & squid sub-classes
1442simandl $TC qdisc add dev ${FACE} parent 1:300 handle 300: $STOCHASIS # default class
14525simandl $TC qdisc add dev ${FACE} parent 1:666 handle 666: $STOCHASIS # unsupported
146 $TC qdisc add dev ${FACE} parent 1:667 handle 667: $STOCHASIS # local wireless
147 $TC qdisc add dev ${FACE} parent 1:668 handle 668: $STOCHASIS # non contributor class
1484simandl# $TC qdisc add dev ${FACE} parent 1:999 handle 999: $STOCHASIS # Inet traffic
1492simandl 
150 
151 ## SSH class
152 # SSH
153 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 3 u32 match ip sport 22 0xffff match ip protocol 0x6 0xff flowid 1:5
154 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 3 u32 match ip dport 22 0xffff match ip protocol 0x6 0xff flowid 1:5
155 
156 ## Interactive class
15713simandl # NTP
158 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 123 0xffff match ip protocol 0x6 0xff flowid 1:10
159 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 123 0xffff match ip protocol 0x6 0xff flowid 1:10
160 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 123 0xffff match ip protocol 0x11 0xff flowid 1:10
161 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 123 0xffff match ip protocol 0x11 0xff flowid 1:10
1629simandl # DNS
1632simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 53 0xffff match ip protocol 0x6 0xff flowid 1:10
164 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 53 0xffff match ip protocol 0x6 0xff flowid 1:10
165 # IRC
166 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 194 0xffff match ip protocol 0x6 0xff flowid 1:10
167 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 194 0xffff match ip protocol 0x6 0xff flowid 1:10
168 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 6667 0xffff match ip protocol 0x6 0xff flowid 1:10
169 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 6667 0xffff match ip protocol 0x6 0xff flowid 1:10
170 # LDAP, LDAPs
171 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 389 0xffff match ip protocol 0x6 0xff flowid 1:10
172 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 389 0xffff match ip protocol 0x6 0xff flowid 1:10
173 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 636 0xffff match ip protocol 0x6 0xff flowid 1:10
174 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 636 0xffff match ip protocol 0x6 0xff flowid 1:10
175 # GAMES
17623simandl # World Of Warcraft
177 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 8085 0xffff match ip protocol 0x11 0xff flowid 1:10
178 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 8085 0xffff match ip protocol 0x11 0xff flowid 1:10
179 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3724 0xffff match ip protocol 0x11 0xff flowid 1:10
180 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3724 0xffff match ip protocol 0x11 0xff flowid 1:10
18114simandl # vietcong
182 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5425 0xffff match ip protocol 0x11 0xff flowid 1:10
183 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5425 0xffff match ip protocol 0x11 0xff flowid 1:10
1847simandl # LINEAGE2
185 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 2106 0xffff match ip protocol 0x11 0xff flowid 1:10
186 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 2106 0xffff match ip protocol 0x11 0xff flowid 1:10
1872simandl # Half-life
188 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27015 0xffff match ip protocol 0x11 0xff flowid 1:10
189 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27015 0xffff match ip protocol 0x11 0xff flowid 1:10
190 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27016 0xfffe match ip protocol 0x11 0xff flowid 1:10
191 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27016 0xfffe match ip protocol 0x11 0xff flowid 1:10
1924simandl # UT2003, UT2004
1932simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 7777 0xffff match ip protocol 0x11 0xff flowid 1:10
194 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 7777 0xffff match ip protocol 0x11 0xff flowid 1:10
195 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 7778 0xffff match ip protocol 0x11 0xff flowid 1:10
196 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 7778 0xffff match ip protocol 0x11 0xff flowid 1:10
1974simandl # BZFlag
198 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5154 0xffff match ip protocol 0x11 0xff flowid 1:10
199 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5154 0xffff match ip protocol 0x11 0xff flowid 1:10
2002simandl # JEDI KNIGHT
201 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28060 0xfffe match ip protocol 0x11 0xff flowid 1:10
202 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28060 0xfffe match ip protocol 0x11 0xff flowid 1:10
203 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28062 0xffff match ip protocol 0x11 0xff flowid 1:10
204 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28062 0xffff match ip protocol 0x11 0xff flowid 1:10
205 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28070 0xfffe match ip protocol 0x11 0xff flowid 1:10
206 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28070 0xfffe match ip protocol 0x11 0xff flowid 1:10
207 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28072 0xfff8 match ip protocol 0x11 0xff flowid 1:10
208 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28072 0xfff8 match ip protocol 0x11 0xff flowid 1:10
209 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28080 0xfffe match ip protocol 0x11 0xff flowid 1:10
210 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28080 0xfffe match ip protocol 0x11 0xff flowid 1:10
2115simandl # Dark Eden
212 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 9997 0xffff match ip protocol 0x11 0xff flowid 1:10
213 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 9997 0xffff match ip protocol 0x11 0xff flowid 1:10
214 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 9998 0xfffe match ip protocol 0x11 0xff flowid 1:10
215 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 9998 0xfffe match ip protocol 0x11 0xff flowid 1:10
216 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 9858 0xffff match ip protocol 0x11 0xff flowid 1:10
217 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 9858 0xffff match ip protocol 0x11 0xff flowid 1:10
218 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 9650 0xfffe match ip protocol 0x11 0xff flowid 1:10
219 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 9650 0xfffe match ip protocol 0x11 0xff flowid 1:10
220 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 4056 0xfffe match ip protocol 0x11 0xff flowid 1:10
221 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 4056 0xfffe match ip protocol 0x11 0xff flowid 1:10
22214simandl # Quake 3 arena
223 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27960 0xfffe match ip protocol 0x11 0xff flowid 1:10
224 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27960 0xfffe match ip protocol 0x11 0xff flowid 1:10
22519simandl # Counter-Strike Source
226 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27000 0xfff8 match ip protocol 0x11 0xff flowid 1:10
227 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27008 0xffc0 match ip protocol 0x11 0xff flowid 1:10
228 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27072 0xfff0 match ip protocol 0x11 0xff flowid 1:10
229 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27088 0xfff8 match ip protocol 0x11 0xff flowid 1:10
230 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27096 0xfffc match ip protocol 0x11 0xff flowid 1:10
231 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27000 0xfff8 match ip protocol 0x11 0xff flowid 1:10
232 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27008 0xffc0 match ip protocol 0x11 0xff flowid 1:10
233 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27072 0xfff0 match ip protocol 0x11 0xff flowid 1:10
234 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27088 0xfff8 match ip protocol 0x11 0xff flowid 1:10
235 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27096 0xfffc match ip protocol 0x11 0xff flowid 1:10
2365simandl # H323
2379simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 389 0xffff match ip protocol 0x11 0xff flowid 1:10
238 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 389 0xffff match ip protocol 0x11 0xff flowid 1:10
239 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 522 0xffff match ip protocol 0x11 0xff flowid 1:10
240 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 522 0xffff match ip protocol 0x11 0xff flowid 1:10
241 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1503 0xffff match ip protocol 0x11 0xff flowid 1:10
242 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1503 0xffff match ip protocol 0x11 0xff flowid 1:10
243 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1720 0xffff match ip protocol 0x11 0xff flowid 1:10
244 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1720 0xffff match ip protocol 0x11 0xff flowid 1:10
245 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1731 0xffff match ip protocol 0x11 0xff flowid 1:10
246 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1731 0xffff match ip protocol 0x11 0xff flowid 1:10
2476simandl # SIP
2489simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5060 0xfffe match ip protocol 0x11 0xff flowid 1:10
249 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5060 0xfffe match ip protocol 0x11 0xff flowid 1:10
2508simandl # RTP
2519simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 8000 0xffff match ip protocol 0x11 0xff flowid 1:10
252 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 8000 0xffff match ip protocol 0x11 0xff flowid 1:10
2536simandl # gnomemeeting
2549simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 30000 0xfff8 match ip protocol 0x11 0xff flowid 1:10
255 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 30000 0xfff8 match ip protocol 0x11 0xff flowid 1:10
256 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 30008 0xfffe match ip protocol 0x11 0xff flowid 1:10
257 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 30008 0xfffe match ip protocol 0x11 0xff flowid 1:10
258 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 30010 0xffff match ip protocol 0x11 0xff flowid 1:10
259 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 30010 0xffff match ip protocol 0x11 0xff flowid 1:10
260 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5000 0xfff8 match ip protocol 0x11 0xff flowid 1:10
261 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5000 0xfff8 match ip protocol 0x11 0xff flowid 1:10
262 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5010 0xfffe match ip protocol 0x11 0xff flowid 1:10
263 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5010 0xfffe match ip protocol 0x11 0xff flowid 1:10
264 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5012 0xfffe match ip protocol 0x11 0xff flowid 1:10
265 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5012 0xfffe match ip protocol 0x11 0xff flowid 1:10
26610simandl # Lineage2
267 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 7777 0xffff match ip protocol 0x6 0xff flowid 1:10
268 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 7777 0xffff match ip protocol 0x6 0xff flowid 1:10
269 # Teamspeak
270 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 8767 0xffff match ip protocol 0x11 0xff flowid 1:10
271 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 8767 0xffff match ip protocol 0x11 0xff flowid 1:10
27226simandl # L2TP
273 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1701 0xffff match ip protocol 0x11 0xff flowid 1:10
274 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1701 0xffff match ip protocol 0x11 0xff flowid 1:10
27527simandl # Americas Army
276 #UDP
277 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1716 0xfffe match ip protocol 0x11 0xff flowid 1:10
278 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1716 0xfffe match ip protocol 0x11 0xff flowid 1:10
279 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1718 0xffff match ip protocol 0x11 0xff flowid 1:10
280 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1718 0xffff match ip protocol 0x11 0xff flowid 1:10
281 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 8777 0xffff match ip protocol 0x11 0xff flowid 1:10
282 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 8777 0xffff match ip protocol 0x11 0xff flowid 1:10
283 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27900 0xffff match ip protocol 0x11 0xff flowid 1:10
284 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27900 0xffff match ip protocol 0x11 0xff flowid 1:10
285 #TCP
286 #14200
287 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 14200 0xffff match ip protocol 0x6 0xff flowid 1:10
288 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 14200 0xffff match ip protocol 0x6 0xff flowid 1:10
289 #20024 .. 20031
290 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 20024 0xfff8 match ip protocol 0x6 0xff flowid 1:10
291 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 20024 0xfff8 match ip protocol 0x6 0xff flowid 1:10
292 #20032 .. 20047
293 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 20032 0xfff0 match ip protocol 0x6 0xff flowid 1:10
294 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 20032 0xfff0 match ip protocol 0x6 0xff flowid 1:10
295 #20048
296 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 20048 0xffff match ip protocol 0x6 0xff flowid 1:10
297 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 20048 0xffff match ip protocol 0x6 0xff flowid 1:10
29829simandl # Warhammer Online
299 #TCP
300 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1380 0xffff match ip protocol 0x6 0xff flowid 1:10
301 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1380 0xffff match ip protocol 0x6 0xff flowid 1:10
302 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 10622 0xffff match ip protocol 0x6 0xff flowid 1:10
303 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 10622 0xffff match ip protocol 0x6 0xff flowid 1:10
304 #UDP 33100-33500 (32768-33791)
305 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 33100 0xfc00 match ip protocol 0x11 0xff flowid 1:10
306 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 33100 0xfc00 match ip protocol 0x11 0xff flowid 1:10
30730simandl #Battlefield 2
308 #TCP 16567, 16667
309 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 16567 0xfc00 match ip protocol 0x6 0xff flowid 1:10
310 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 16567 0xfc00 match ip protocol 0x6 0xff flowid 1:10
311 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 16667 0xfc00 match ip protocol 0x6 0xff flowid 1:10
312 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 16667 0xfc00 match ip protocol 0x6 0xff flowid 1:10
31327simandl 
31430simandl #Call of Duty 4
315 #port 28960 TCP a UDP
316 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28960 0xfc00 flowid 1:10
317 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28960 0xfc00 flowid 1:10
318 
3192simandl # TCP ACK packets smaller than 64 bytes
320 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 \
321 match ip protocol 6 0xff \
322 match u8 0x05 0x0f at 0 \
323 match u16 0x0000 0xffc0 at 2 \
324 match u8 0x10 0xff at 33 \
325 flowid 1:10
326 
327 ## Ping class
328 # ICMP
329 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip protocol 0x01 0xff flowid 1:20
330 
331 ## Routing class
332 # BGP
333 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 179 0xffff match ip protocol 0x6 0xff flowid 1:30
334 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 179 0xffff match ip protocol 0x6 0xff flowid 1:30
335 # OSPF
336 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip protocol 0x59 0xff flowid 1:30
337 
33813simandl ## Email & Data transfer class
3392simandl # FTP
340 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 20 0xfffe match ip protocol 0x6 0xff flowid 1:40
341 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 20 0xfffe match ip protocol 0x6 0xff flowid 1:40
342 # PPTP
343 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1723 0xffff match ip protocol 0x6 0xff flowid 1:40
344 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1723 0xffff match ip protocol 0x6 0xff flowid 1:40
345 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1723 0xffff match ip protocol 0x11 0xff flowid 1:40
346 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1723 0xffff match ip protocol 0x11 0xff flowid 1:40
3474simandl # OpenVPN
348 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5000 0xffff match ip protocol 0x11 0xff flowid 1:40
349 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5000 0xffff match ip protocol 0x11 0xff flowid 1:40
3502simandl # SCP
351 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 22 0xffff match ip protocol 0x6 0xff match ip tos 0x08 0xff flowid 1:40
352 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 22 0xffff match ip protocol 0x6 0xff match ip tos 0x08 0xff flowid 1:40
353 # POP3
35413simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 110 0xffff match ip protocol 0x6 0xff flowid 1:40
355 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 110 0xffff match ip protocol 0x6 0xff flowid 1:40
3562simandl # IMAP
35713simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 143 0xffff match ip protocol 0x6 0xff flowid 1:40
358 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 143 0xffff match ip protocol 0x6 0xff flowid 1:40
3592simandl # SMTP
36013simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 25 0xffff match ip protocol 0x6 0xff flowid 1:40
361 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 25 0xffff match ip protocol 0x6 0xff flowid 1:40
3622simandl # POP3S
36313simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 995 0xffff match ip protocol 0x6 0xff flowid 1:40
364 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 995 0xffff match ip protocol 0x6 0xff flowid 1:40
3652simandl # IMAPS
36613simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 993 0xffff match ip protocol 0x6 0xff flowid 1:40
367 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 993 0xffff match ip protocol 0x6 0xff flowid 1:40
3682simandl # SSMTP
36913simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 465 0xffff match ip protocol 0x6 0xff flowid 1:40
370 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 465 0xffff match ip protocol 0x6 0xff flowid 1:40
3712simandl # rsync
37213simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 673 0xffff match ip protocol 0x6 0xff flowid 1:40
373 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 673 0xffff match ip protocol 0x6 0xff flowid 1:40
374 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 673 0xffff match ip protocol 0x11 0xff flowid 1:40
375 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 673 0xffff match ip protocol 0x11 0xff flowid 1:40
3762simandl # CVS
37713simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 873 0xffff match ip protocol 0x6 0xff flowid 1:40
378 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 873 0xffff match ip protocol 0x6 0xff flowid 1:40
379 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 873 0xffff match ip protocol 0x11 0xff flowid 1:40
380 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 873 0xffff match ip protocol 0x11 0xff flowid 1:40
3812simandl 
38213simandl ## VOIP class
383 # VoIP typeofservice mark
384 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip tos 0x68 0xff flowid 1:50 #SIP
385 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip tos 0xb8 0xff flowid 1:50 #RTP
386 # VoIP typeofservice mark for RTP ha-vel.cz
38718simandl #$TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip tos 0x16 0xff flowid 1:50 #RTP
38813simandl # TOS mimimize delay - VoIP typeofservice mark for RTP vox.802.cz
38918simandl #$TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip tos 0x10 0xff flowid 1:50
390 # VoIP IP addr for RTP ha-vel.cz
391 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 217.66.161.0/28 flowid 1:50 #RTP
392 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 217.66.161.0/28 flowid 1:50 #RTP
393 # VoIP IP addr for RTP 802.cz
394 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 212.71.146.178 flowid 1:50 #RTP rtp.802.cz
395 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 212.71.146.178 flowid 1:50 #RTP rtp.802.cz
396 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 212.71.146.184/31 flowid 1:50 # rtp[23].802.cz
397 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 212.71.146.184/31 flowid 1:50 # rtp[23].802.cz
398 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 212.71.146.163 flowid 1:50 #RTP rtp4.802.cz
399 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 212.71.146.163 flowid 1:50 #RTP rtp4.802.cz
40031simandl # VoIP IP addr for others RTP
401 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 62.168.42.145 flowid 1:50 #sip2.fayn.cz
402 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 62.168.42.145 flowid 1:50 #sip2.fayn.cz
403 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 82.208.46.240 flowid 1:50 #sip.mujtelefon.cz
404 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 82.208.46.240 flowid 1:50 #sip.mujtelefon.cz
405 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 212.20.119.45 flowid 1:50 #sip1.netphone.cz
406 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 212.20.119.45 flowid 1:50 #sip1.netphone.cz
407 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 81.91.216.18 flowid 1:50 #aps.sbohempevnalinko.cz
408 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 81.91.216.18 flowid 1:50 #aps.sbohempevnalinko.cz
409 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 81.91.216.11 flowid 1:50 #fax.sipcz.net
410 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 81.91.216.11 flowid 1:50 #fax.sipcz.net
41113simandl 
412 ## Web & Squid class
413 # HTTP
414 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 80 0xffff match ip protocol 0x6 0xff flowid 1:60
415 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 80 0xffff match ip protocol 0x6 0xff flowid 1:60
416 # HTTPS
417 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 443 0xffff match ip protocol 0x6 0xff flowid 1:60
418 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 443 0xffff match ip protocol 0x6 0xff flowid 1:60
419 # WebCache
420 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 8080 0xffff match ip protocol 0x6 0xff flowid 1:60
421 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 8080 0xffff match ip protocol 0x6 0xff flowid 1:60
4222simandl # HTTP port
423 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3128 0xffff match ip protocol 0x6 0xff flowid 1:60
424 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3128 0xffff match ip protocol 0x6 0xff flowid 1:60
425 # ICP port
426 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3130 0xffff match ip protocol 0x6 0xff flowid 1:60
427 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3130 0xffff match ip protocol 0x6 0xff flowid 1:60
428 
429 ## Unsupported class
43031simandl # File download over http
431 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 62.67.50.0/24 flowid 1:666 # TERASPACE-GMBH
432 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 62.140.31.0/24 flowid 1:666 # TERASPACE-GMBH
433 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 64.211.146.0/24 flowid 1:666 # TERASPACE-GMBH
434 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 80.152.62.0/24 flowid 1:666 # TERASPACE-GMBH
435 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 80.231.24.0/24 flowid 1:666 # TERASPACE-GMBH
436 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 80.231.41.0/24 flowid 1:666 # TERASPACE-GMBH
437 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 80.239.137.0/24 flowid 1:666 # TERASPACE-GMBH
438 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 80.239.236.0/24 flowid 1:666 # TERASPACE-GMBH
439 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 82.129.39.0/24 flowid 1:666 # PA-TERASPACE-COGENT-1
440 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 195.122.131.0/24 flowid 1:666 # TERASPACE-GMBH
441 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 195.122.151.0/24 flowid 1:666 # TERASPACE-GMBH
442 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 195.122.152.0/23 flowid 1:666 # TERASPACE-GMBH
443 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 195.219.1.0/24 flowid 1:666 # TERASPACE-GB
444 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 206.57.14.0/24 flowid 1:666 # TERAS
445 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 77.88.62.0/24 flowid 1:666 # yandex.ru
446 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 83.229.252.0/23 flowid 1:666 # MCHOST-SYN-NET
447 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 85.17.172.0/24 flowid 1:666 # LEASEWEB (filefactory.com)
448 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 94.75.218.0/24 flowid 1:666 # LEASEWEB
449 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 78.140.128.0/18 flowid 1:666 # NL-WEBAZILLA
450 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 88.86.100.160/27 flowid 1:666 # uloz.to
451 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 88.208.16.0/20 flowid 1:666 # HALDEX-NET (letitbit.net)
452 
4532simandl # Kazaa
454 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1214 0xffff match ip protocol 0x6 0xff flowid 1:666
455 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1214 0xffff match ip protocol 0x6 0xff flowid 1:666
456 
457 # IP range of DHCP for airfree AP on this router
458 for ipaddr in $AIRFREE
459 do
460 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src $ipaddr flowid 1:667
461 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip dst $ipaddr flowid 1:667
462 done
463 # non-CZF-RFC - violators of RFCs
464 for ipaddr in $NONCZF
465 do
466 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src $ipaddr flowid 1:666
467 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip dst $ipaddr flowid 1:666
468 done
46925simandl # non-contributors
470 for ipaddr in $NONCONTRIB
471 do
472 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src $ipaddr flowid 1:668
473 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip dst $ipaddr flowid 1:668
474 done
4752simandl 
4764simandl ## Internet class
4772simandl # IPtables rule
478# $IPTABLES -t mangle -A FORWARD -s ! 10.0.0.0/8 -o ${FACE} -j MARK --set-mark 999
479# $IPTABLES -t mangle -A FORWARD -d ! 10.0.0.0/8 -o ${FACE} -j MARK --set-mark 999
480 # IPtables mark filter
481# $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 handle 999 fw flowid 1:999
482}
483 
484for FACE in $FACES
485do
4864simandl if [ -z "`$IP l | grep $FACE[:@]`" ]
487 then
488 echo "Interface $FACE doesn't exist"
489 continue
490 fi
4912simandl TYPE=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*type[[:space:]]\+\([[:alpha:]]\+\).*}.*/\1/"`
492 if [ "$TYPE" != 'transit' ]
493 then
494 continue
495 fi
496 SPEED=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*speed[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
497 QUANTUM=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*quantum[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
498 
499 if [ -z "$QUANTUM" ]
500 then
5014simandl MTU=`$IP l | grep $FACE[:@] | sed -e "s/^.*mtu[[:space:]]\+\([[:digit:]]\+\).*/\1/"`
5022simandl QUANTUM=$(($QUANTUMOFFS+$MTU))
503 fi
50415simandl 
505 NONCZFSPD=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*NONCZFSPD[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
506 if [ -z $NONCZFSPD ] ; then NONCZFSPD=$DNONCZFSPD ; fi
507 
508 AIRFREESPD=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*AIRFREESPD[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
509 if [ -z $AIRFREESPD ] ; then AIRFREESPD=$DAIRFREESPD ; fi
510 
51125simandl NONCONTRIBSPD=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*NONCONTRIBSPD[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
512 if [ -z $NONCONTRIBSPD ] ; then NONCONTRIBSPD=$DNONCONTRIBSPD ; fi
513 
51415simandl SSHDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*SSHDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
515 if [ -z $SSHDIV ] ; then SSHDIV=$DSSHDIV ; fi
516 
517 PINGDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*PINGDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
518 if [ -z $PINGDIV ] ; then PINGDIV=$DPINGDIV ; fi
519 
520 INTERACTDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*INTERACTDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
521 if [ -z $INTERACTDIV ] ; then INTERACTDIV=$DINTERACTDIV ; fi
522 
523 VOIPDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*VOIPDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
524 if [ -z $VOIPDIV ] ; then VOIPDIV=$DVOIPDIV ; fi
525 
526 WWWDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*WWWDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
527 if [ -z $WWWDIV ] ; then WWWDIV=$DWWWDIV ; fi
528 
529 XFERDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*XFERDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
530 if [ -z $XFERDIV ] ; then XFERDIV=$DXFERDIV ; fi
531 
532 DFLTDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*DFLTDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
533 if [ -z $DFLTDIV ] ; then DFLTDIV=$DDFLTDIV ; fi
534 
535#echo $SPEED $NONCZFSPD $AIRFREESPD $SSHDIV $PINGDIV $INTERACTDIV $VOIPDIV $WWWDIV $XFERDIV $DFLTDIV
5362simandl set_qos_classes
537done
538 
539exit 0

Powered by WebSVN 2.2.1