jablonka.czprosek.czf

qos

 Subversion Repositories:
[/] [trunk/] [qos] - Blame information for rev 56

 

Line No. Rev Author Line
12simandl#!/bin/sh
2#
3# CZFree.Net RFC-QoS script
4#
526simandl# date: 30/06/2008
628simandl# authors: Rakerihoo, Fyzik, Libor, Dzus, Bonez, Simandl, Danny, Sinda
72simandl# references: http://www.lartc.org/
8# http://luxik.cdi.cz/~devik/qos/htb/
928simandl# http://connected.prosek.czf/forum/showthread.php?s=&threadid=9
1013simandl# http://www.simandl.cz/stranky/linux/qos/soubory/qos_base
114simandl# version: 2.1.6
1229simandl# ps ver : 0.1.9
132simandl#
14# Changelog
15#
1656simandl# 03/08/10 [simandl] StarCraft II port 1119
1754sinda# 28/04/09 [sinda] podpora pro hru rFactor (TCP 34447, UDP 34397)
1853sinda# 14/04/09 [sinda] rtp ha-vel oprava prefixu 28 -> 24
1952sinda# 05/04/09 [sinda] VATSIM Microsoft Flight simulator FS2004 (TCP/UDP 6809, 6073, 3782 a 3290)
2051sinda# 25/03/09 [sinda] VoIP IP addr for sip.volny.cz (rtp servery)
2150simandl# 20/03/09 [simandl] VoIP IP addr for sip.volny.cz
2249sinda# 18/03/09 [sinda] podpora ip RTP pro VoIP od t-com.sk (195.146.137.186/31 TCP/UDP)
2348simandl# 13/03/09 [simandl] OpenVPN presunuto do web tridy
2447sinda# 03/03/09 [sinda] podpora obecne pro PS3 (TCP: 5223, 10070-10080, UDP: 3478-3479, 3658, 3678, 10070-10080)
2546sinda# 03/03/09 [sinda] uprava ceil trid, snaha o rozliseni preferenci
26# 03/03/09 [sinda] oprava podpory pro Battlefield 2 (TCP 16567, 16667)
2745sinda# 26/02/09 [sinda] podpora pro Vonage voip, UDP vse z 69.59.241/24
2844simandl# 11/02/09 [simandl] za provoz na 802.cz povazovano vse v subnetu 212.71.146.128/26
29# 10/02/09 [simandl] doplnena podpora pro Cisco VPN
3041simandl# 09/02/09 [sinda] doplnena podpora pro Call of Duty 4 (na PS3) - UDP: 3074, 3075, 3080
3140sinda# 02/02/09 [sinda] doplnena podpora pro nntps a vnc do tridy 40 (data transfer)
3239simandl# 25/01/09 [simandl] doplnena podpora pro svn port 3690
3338simandl# 14/01/09 [sinda] doplnena podpora pro hru "Sniper Elite" porty UDP 21540 a 54468
34# 13/01/09 [sinda] doplnena podpora pro RTP dle ip operatora systinet.com a rozsireni portu OpenVPN o 1194/UDP
3537simandl# 07/01/09 [simandl] doplnena podpora pro hru "World Of Warcraft" porty 6112 a 6881-6999
3634simandl# 23/12/08 [simandl] podpora pro ventrilo
3731simandl# 04/12/08 [sinda] doplnena podpora pro RTP dle ip operatoru fayn.cz, mujtelefon.cz, netphone.cz, aps.sbohempevnalinko.cz, fax.sipcz.net
3832simandl# 01/12/08 [sinda] File download over http do class airfree (TERASPACE-GMBH, yandex.ru, ...)
3930simandl# 04/11/08 [simandl] podpora pro hry "Battlefield" a "Call of Duty"
4029simandl# 13/10/08 [simandl] podpora pro hru "Warhammer Online"
4128simandl# 28/09/08 [simandl] doplneni chybejicich autoru a zmena v references 10.24.1.2 na connected.prosek.czf
4227simandl# 05/08/08 [simandl] podpora pro Americas Army
4326simandl# 30/06/08 [simandl] podpora pro L2TP port 1701 UDP
4425simandl# 09/03/08 [simandl] podpora pro noncontrib
4523simandl# 01/12/07 [simandl] doplnena podpora pro hru "World Of Warcraft" 8085 3724
4619simandl# 09/08/07 [sinda] doplnena podpora pro hru "Counter-Strike Source" UDP 270xx
4718simandl# 26/07/07 [sinda] doplnena podpora pro RTP ha-vel.cz a 802.cz dle ip adresy rtp serveru operatora
4815simandl# 31/08/06 [simandl] doplnena podpora pro definici rychlosti a delitelu pro kazdy iface zvlast v souboru iface_conf
4914simandl# 14/07/06 [sinda] doplneny porty pro hru Quake 3 arena
5013simandl# 17/01/06 [simandl] doplneny TOSy pro ha-vel a hlas.802.cz do VoIP tridy 50
51# 12/12/05 [simandl] preskupeny protokoly trid - 40 mail&data 50 voip 60 web&squid - tak aby byly rovnomerne vyuzite
5210simandl# 23/11/05 [simandl] doplneny porty pro Lineage2 a Teamspeak
539simandl# 22/11/05 [danny] DSCP/ToS filtry pro SIP/RTP (VoIP), maximum reliability [DEV]
548simandl# 20/11/05 [simandl] doplnen port pro RTP
556simandl# 14/11/05 [simandl] doplneny porty pro SIP a gnomemeeting
565simandl# 08/11/05 [simandl] doplneny porty pro H.323
57# 19/08/05 [simandl] doplneny porty pro hru DarkEden
584simandl# 30/10/04 [dzus] oprava parseru MTU, vylepseni kontroly konfig. souboru
59# 27/10/04 [bonez] OpenVPN pridano do data transfer class
60# 05/06/04 [dzus] do interactive class pridan BZFlag, uprava parseru konfig souboru
612simandl# 18/02/04 [dzus] SCP zarazeno do download class (rozliseno podle TOS maximize throughput)
62# 04/01/04 [dzus] podpora pro Jedi Knight, oprava prio u filtru, oprava filtru na FTP, zruseni PPTP class
63# 20/11/03 [dzus] zrusena H323 class, pridan filtr na TCP ACK, nastaveni quantum podle MTU
64# 28/09/03 [dzus] oprava bugu ve filtrech (bez prio to nechodi dobre)
65# 27/09/03 [dzus] konfigurace interfacu se nacita z ext souboru, pridan TOS minimize delay filtr
66# 20/09/03 [dzus] vyhazeni marku z IPtables, nyni pouze filtry v tc
67# 01/09/03 [dzus] vynechani internetoveho rozhrani z konfigurace
68# 07/08/03 [fyzik] preference Inetoveho traffiku
69# 31/07/03 [fyzik] podpora pro HL@tchor, airfree, fixes
70# 05/05/03 [fyzik] podpora pro IRC, PPTP, H323, LDAP, DC, NTP
71# 04/05/03 [fyzik] napsal uvod
72# 01/05/03 [fyzik] non-CZF-RFC, inspirovan Liborovym Heaven QoS
73# 00/03/03 [Rakerihoo] napsal RFC-QoS :)
74#
75# ToDo
76# * zkusit a otestovat podtridy CZF-transfer, CZF-klient, CZF-shared a markovanat podle MAC
77# * pridat podporu ostatnich interaktivnich games
78 
79 
80### Configuration START
81 
8221simandlIFACECONFFILE='/etc/qos/iface_conf'
83IPADDRFILE="/etc/qos/ip_adresy"
842simandl 
8515simandl#default speeds and dividers
86DNONCZFSPD='64'
8725simandlDNONCONTRIBSPD='64'
8818simandlDAIRFREESPD='2048'
8915simandlDSSHDIV='2'
90DPINGDIV='2'
91DINTERACTDIV='2'
92DVOIPDIV='2'
93DWWWDIV='2'
94DXFERDIV='4'
95DDFLTDIV='8'
9613simandl 
972simandl### Configuration STOP
98 
99if [ ! -f $IFACECONFFILE ]
100then
101 echo "Interface configuration file doesn't exist - program terminated" 1>&2
102 exit 1
103fi
104 
1054simandlIFACECONF=`grep -v '^[[:space:]]*#' $IFACECONFFILE`
106IFACECONF=`echo $IFACECONF | sed -e 's/[[:space:]]*}[[:space:]]*/}\\\n/g'`
107FACES=`echo -e $IFACECONF | sed -e 's/^[[:space:]]*interface[[:space:]]\+\([[:alnum:]]\+\).*/\1/;t;d'`
1082simandl 
109echo "Applying CZF-QOS rules"
110 
111echo "-Set global variables"
112IPTABLES="`which iptables`"
113TC="`which tc`"
114IP="`which ip`"
115IPT_RESTORE="`which iptables-restore`"
116 
117STOCHASIS="sfq perturb 10"
118 
119QUANTUMOFFS="500"
120 
121#$IPT_RESTORE < /etc/network/iptables
122 
123echo "-Remove Qdisc root classes"
124for FACE in ${FACES} ; do
125 $TC qdisc del dev ${FACE} root &>/dev/null
12615simandl#echo $FACE
1272simandldone
128 
129## qoseni podle IP - priklad
130if [ -f $IPADDRFILE ]
131then
1324simandl NONCZF="`sed -e 's/^[[:space:]]*\([[:digit:].,/]\+\)[[:space:]].*NONCZF[[:space:]]*\+/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
133 NONCZF="$NONCZF `sed -e 's/^.*[[:space:]]\+NONCZF[[:space:]]\+\([[:digit:].,/]\+\)[[:space:]]*/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
13425simandl NONCONTRIB="`sed -e 's/^[[:space:]]*\([[:digit:].,/]\+\)[[:space:]].*NONCONTRIB[[:space:]]*\+/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
135 NONCONTRIB="$NONCONTRIB `sed -e 's/^.*[[:space:]]\+NONCONTRIB[[:space:]]\+\([[:digit:].,/]\+\)[[:space:]]*/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
1364simandl AIRFREE="`sed -e 's/^[[:space:]]*\([[:digit:].,/]\+\)[[:space:]].*AIRFREE[[:space:]]*\+/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
137 AIRFREE="$AIRFREE `sed -e 's/^.*[[:space:]]\+AIRFREE[[:space:]]\+\([[:digit:].,/]\+\)[[:space:]]*/\1/;t repl;d;: repl;y/,/ /' $IPADDRFILE`"
1382simandlfi
139 
140set_qos_classes () {
141 echo "-Initializing QoS_base rules on interface $FACE (speed $SPEED)"
142 
143 $TC qdisc add dev ${FACE} root handle 1: htb default 300 r2q 2
144 $TC class add dev ${FACE} parent 1: classid 1:1 htb rate $((${SPEED}/2))kbit ceil ${SPEED}kbit burst 15k quantum ${QUANTUM}
14532simandl $TC class add dev ${FACE} parent 1:1 classid 1:5 htb rate 64kbit ceil $((${SPEED}/${SSHDIV}))kbit burst 5k prio 1 # SSH class
14638simandl $TC class add dev ${FACE} parent 1:1 classid 1:10 htb rate 192kbit ceil $((${SPEED}/${INTERACTDIV}))kbit burst 5k prio 1 # interactive class
14746sinda $TC class add dev ${FACE} parent 1:1 classid 1:20 htb rate 64kbit ceil $((${SPEED}/${PINGDIV}))kbit burst 5k prio 0
148 $TC class add dev ${FACE} parent 1:1 classid 1:30 htb rate 64kbit ceil 128kbit burst 5k prio 0 # routing class
149 $TC class add dev ${FACE} parent 1:1 classid 1:40 htb rate 48kbit ceil $((${SPEED}/${XFERDIV}))kbit burst 5k prio 4 # email & data transfer class
15038simandl $TC class add dev ${FACE} parent 1:1 classid 1:50 htb rate 192kbit ceil $((${SPEED}/${VOIPDIV}))kbit burst 5k prio 0 # voip class
15146sinda $TC class add dev ${FACE} parent 1:1 classid 1:60 htb rate 48kbit ceil $((${SPEED}/${WWWDIV}))kbit burst 8k prio 3 # web & squid class
15213simandl $TC class add dev ${FACE} parent 1:1 classid 1:300 htb rate 32kbit ceil $((${SPEED}/${DFLTDIV}))kbit burst 1k prio 5 # default trafic class
1532simandl $TC class add dev ${FACE} parent 1:1 classid 1:666 htb rate 32kbit ceil ${NONCZFSPD}kbit burst 1k prio 5 # unsupported trafic class
154 $TC class add dev ${FACE} parent 1:1 classid 1:667 htb rate 32kbit ceil ${AIRFREESPD}kbit burst 1k prio 4 # local wireless free band
15525simandl $TC class add dev ${FACE} parent 1:1 classid 1:668 htb rate 32kbit ceil ${NONCONTRIBSPD}kbit burst 1k prio 5 # non contributors trafic class
1564simandl# $TC class add dev ${FACE} parent 1:1 classid 1:999 htb rate 32kbit ceil $((${SPEED}/2))kbit burst 8k prio 4 # Inet traffic class
1572simandl 
158 $TC qdisc add dev ${FACE} parent 1:5 handle 5: $STOCHASIS # SSH sub-classes
159 $TC qdisc add dev ${FACE} parent 1:10 handle 10: $STOCHASIS # interactive sub-classes
160 $TC qdisc add dev ${FACE} parent 1:20 handle 20: $STOCHASIS # ping sub-classes
161 $TC qdisc add dev ${FACE} parent 1:30 handle 30: $STOCHASIS # routing sub-classes
16213simandl $TC qdisc add dev ${FACE} parent 1:40 handle 40: $STOCHASIS # email & data transfer sub-classes
163 $TC qdisc add dev ${FACE} parent 1:50 handle 50: $STOCHASIS # voip sub-classes
164 $TC qdisc add dev ${FACE} parent 1:60 handle 60: $STOCHASIS # web & squid sub-classes
1652simandl $TC qdisc add dev ${FACE} parent 1:300 handle 300: $STOCHASIS # default class
16625simandl $TC qdisc add dev ${FACE} parent 1:666 handle 666: $STOCHASIS # unsupported
167 $TC qdisc add dev ${FACE} parent 1:667 handle 667: $STOCHASIS # local wireless
168 $TC qdisc add dev ${FACE} parent 1:668 handle 668: $STOCHASIS # non contributor class
1694simandl# $TC qdisc add dev ${FACE} parent 1:999 handle 999: $STOCHASIS # Inet traffic
1702simandl 
171 
172 ## SSH class
173 # SSH
174 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 3 u32 match ip sport 22 0xffff match ip protocol 0x6 0xff flowid 1:5
175 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 3 u32 match ip dport 22 0xffff match ip protocol 0x6 0xff flowid 1:5
176 
177 ## Interactive class
17813simandl # NTP
179 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 123 0xffff match ip protocol 0x6 0xff flowid 1:10
180 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 123 0xffff match ip protocol 0x6 0xff flowid 1:10
181 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 123 0xffff match ip protocol 0x11 0xff flowid 1:10
182 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 123 0xffff match ip protocol 0x11 0xff flowid 1:10
1839simandl # DNS
1842simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 53 0xffff match ip protocol 0x6 0xff flowid 1:10
185 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 53 0xffff match ip protocol 0x6 0xff flowid 1:10
186 # IRC
187 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 194 0xffff match ip protocol 0x6 0xff flowid 1:10
188 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 194 0xffff match ip protocol 0x6 0xff flowid 1:10
189 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 6667 0xffff match ip protocol 0x6 0xff flowid 1:10
190 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 6667 0xffff match ip protocol 0x6 0xff flowid 1:10
191 # LDAP, LDAPs
192 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 389 0xffff match ip protocol 0x6 0xff flowid 1:10
193 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 389 0xffff match ip protocol 0x6 0xff flowid 1:10
194 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 636 0xffff match ip protocol 0x6 0xff flowid 1:10
195 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 636 0xffff match ip protocol 0x6 0xff flowid 1:10
196 # GAMES
19738simandl # Sniper Elite
198 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 21540 0xffff match ip protocol 0x11 0xff flowid 1:10
199 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 21540 0xffff match ip protocol 0x11 0xff flowid 1:10
200 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 54468 0xffff match ip protocol 0x11 0xff flowid 1:10
201 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 54468 0xffff match ip protocol 0x11 0xff flowid 1:10
20223simandl # World Of Warcraft
20336simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 8085 0xffff flowid 1:10
204 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 8085 0xffff flowid 1:10
205 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3724 0xffff flowid 1:10
206 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3724 0xffff flowid 1:10
20738simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 6112 0xffff flowid 1:10
208 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 6112 0xffff flowid 1:10
20936simandl #6881..6999 is covered by (6880..6911 + 6912..6975 + 6976..7007)
21038simandl# $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 6880 0xffe0 flowid 1:10
211# $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 6880 0xffe0 flowid 1:10
21236simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 6912 0xffc0 flowid 1:10
213 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 6912 0xffc0 flowid 1:10
214 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 6976 0xffe0 flowid 1:10
215 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 6976 0xffe0 flowid 1:10
21614simandl # vietcong
217 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5425 0xffff match ip protocol 0x11 0xff flowid 1:10
218 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5425 0xffff match ip protocol 0x11 0xff flowid 1:10
2197simandl # LINEAGE2
220 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 2106 0xffff match ip protocol 0x11 0xff flowid 1:10
221 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 2106 0xffff match ip protocol 0x11 0xff flowid 1:10
2222simandl # Half-life
223 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27015 0xffff match ip protocol 0x11 0xff flowid 1:10
224 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27015 0xffff match ip protocol 0x11 0xff flowid 1:10
225 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27016 0xfffe match ip protocol 0x11 0xff flowid 1:10
226 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27016 0xfffe match ip protocol 0x11 0xff flowid 1:10
2274simandl # UT2003, UT2004
2282simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 7777 0xffff match ip protocol 0x11 0xff flowid 1:10
229 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 7777 0xffff match ip protocol 0x11 0xff flowid 1:10
230 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 7778 0xffff match ip protocol 0x11 0xff flowid 1:10
231 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 7778 0xffff match ip protocol 0x11 0xff flowid 1:10
2324simandl # BZFlag
233 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5154 0xffff match ip protocol 0x11 0xff flowid 1:10
234 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5154 0xffff match ip protocol 0x11 0xff flowid 1:10
2352simandl # JEDI KNIGHT
236 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28060 0xfffe match ip protocol 0x11 0xff flowid 1:10
237 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28060 0xfffe match ip protocol 0x11 0xff flowid 1:10
238 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28062 0xffff match ip protocol 0x11 0xff flowid 1:10
239 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28062 0xffff match ip protocol 0x11 0xff flowid 1:10
240 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28070 0xfffe match ip protocol 0x11 0xff flowid 1:10
241 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28070 0xfffe match ip protocol 0x11 0xff flowid 1:10
242 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28072 0xfff8 match ip protocol 0x11 0xff flowid 1:10
243 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28072 0xfff8 match ip protocol 0x11 0xff flowid 1:10
244 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28080 0xfffe match ip protocol 0x11 0xff flowid 1:10
245 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28080 0xfffe match ip protocol 0x11 0xff flowid 1:10
2465simandl # Dark Eden
247 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 9997 0xffff match ip protocol 0x11 0xff flowid 1:10
248 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 9997 0xffff match ip protocol 0x11 0xff flowid 1:10
249 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 9998 0xfffe match ip protocol 0x11 0xff flowid 1:10
250 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 9998 0xfffe match ip protocol 0x11 0xff flowid 1:10
251 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 9858 0xffff match ip protocol 0x11 0xff flowid 1:10
252 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 9858 0xffff match ip protocol 0x11 0xff flowid 1:10
253 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 9650 0xfffe match ip protocol 0x11 0xff flowid 1:10
254 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 9650 0xfffe match ip protocol 0x11 0xff flowid 1:10
255 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 4056 0xfffe match ip protocol 0x11 0xff flowid 1:10
256 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 4056 0xfffe match ip protocol 0x11 0xff flowid 1:10
25714simandl # Quake 3 arena
258 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27960 0xfffe match ip protocol 0x11 0xff flowid 1:10
259 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27960 0xfffe match ip protocol 0x11 0xff flowid 1:10
26019simandl # Counter-Strike Source
261 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27000 0xfff8 match ip protocol 0x11 0xff flowid 1:10
262 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27008 0xffc0 match ip protocol 0x11 0xff flowid 1:10
263 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27072 0xfff0 match ip protocol 0x11 0xff flowid 1:10
264 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27088 0xfff8 match ip protocol 0x11 0xff flowid 1:10
265 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27096 0xfffc match ip protocol 0x11 0xff flowid 1:10
266 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27000 0xfff8 match ip protocol 0x11 0xff flowid 1:10
267 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27008 0xffc0 match ip protocol 0x11 0xff flowid 1:10
268 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27072 0xfff0 match ip protocol 0x11 0xff flowid 1:10
269 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27088 0xfff8 match ip protocol 0x11 0xff flowid 1:10
270 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27096 0xfffc match ip protocol 0x11 0xff flowid 1:10
2715simandl # H323
2729simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 389 0xffff match ip protocol 0x11 0xff flowid 1:10
273 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 389 0xffff match ip protocol 0x11 0xff flowid 1:10
274 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 522 0xffff match ip protocol 0x11 0xff flowid 1:10
275 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 522 0xffff match ip protocol 0x11 0xff flowid 1:10
276 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1503 0xffff match ip protocol 0x11 0xff flowid 1:10
277 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1503 0xffff match ip protocol 0x11 0xff flowid 1:10
278 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1720 0xffff match ip protocol 0x11 0xff flowid 1:10
279 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1720 0xffff match ip protocol 0x11 0xff flowid 1:10
280 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1731 0xffff match ip protocol 0x11 0xff flowid 1:10
281 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1731 0xffff match ip protocol 0x11 0xff flowid 1:10
28210simandl # Lineage2
283 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 7777 0xffff match ip protocol 0x6 0xff flowid 1:10
284 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 7777 0xffff match ip protocol 0x6 0xff flowid 1:10
285 # Teamspeak
286 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 8767 0xffff match ip protocol 0x11 0xff flowid 1:10
287 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 8767 0xffff match ip protocol 0x11 0xff flowid 1:10
28826simandl # L2TP
289 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1701 0xffff match ip protocol 0x11 0xff flowid 1:10
290 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1701 0xffff match ip protocol 0x11 0xff flowid 1:10
29127simandl # Americas Army
292 #UDP
293 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1716 0xfffe match ip protocol 0x11 0xff flowid 1:10
294 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1716 0xfffe match ip protocol 0x11 0xff flowid 1:10
295 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1718 0xffff match ip protocol 0x11 0xff flowid 1:10
296 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1718 0xffff match ip protocol 0x11 0xff flowid 1:10
297 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 8777 0xffff match ip protocol 0x11 0xff flowid 1:10
298 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 8777 0xffff match ip protocol 0x11 0xff flowid 1:10
299 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 27900 0xffff match ip protocol 0x11 0xff flowid 1:10
300 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 27900 0xffff match ip protocol 0x11 0xff flowid 1:10
301 #TCP
302 #14200
303 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 14200 0xffff match ip protocol 0x6 0xff flowid 1:10
304 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 14200 0xffff match ip protocol 0x6 0xff flowid 1:10
305 #20024 .. 20031
306 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 20024 0xfff8 match ip protocol 0x6 0xff flowid 1:10
307 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 20024 0xfff8 match ip protocol 0x6 0xff flowid 1:10
308 #20032 .. 20047
309 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 20032 0xfff0 match ip protocol 0x6 0xff flowid 1:10
310 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 20032 0xfff0 match ip protocol 0x6 0xff flowid 1:10
311 #20048
312 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 20048 0xffff match ip protocol 0x6 0xff flowid 1:10
313 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 20048 0xffff match ip protocol 0x6 0xff flowid 1:10
31429simandl # Warhammer Online
315 #TCP
316 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1380 0xffff match ip protocol 0x6 0xff flowid 1:10
317 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1380 0xffff match ip protocol 0x6 0xff flowid 1:10
318 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 10622 0xffff match ip protocol 0x6 0xff flowid 1:10
319 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 10622 0xffff match ip protocol 0x6 0xff flowid 1:10
320 #UDP 33100-33500 (32768-33791)
321 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 33100 0xfc00 match ip protocol 0x11 0xff flowid 1:10
322 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 33100 0xfc00 match ip protocol 0x11 0xff flowid 1:10
32330simandl #Battlefield 2
324 #TCP 16567, 16667
32546sinda $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 16567 0xffff match ip protocol 0x6 0xff flowid 1:10
326 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 16567 0xffff match ip protocol 0x6 0xff flowid 1:10
327 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 16667 0xffff match ip protocol 0x6 0xff flowid 1:10
328 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 16667 0xffff match ip protocol 0x6 0xff flowid 1:10
32930simandl #Call of Duty 4
330 #port 28960 TCP a UDP
33141simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 28960 0xffff flowid 1:10
332 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 28960 0xffff flowid 1:10
333 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3074 0xfffe match ip protocol 0x11 0xff flowid 1:10
334 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3074 0xfffe match ip protocol 0x11 0xff flowid 1:10
335 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3080 0xffff match ip protocol 0x11 0xff flowid 1:10
336 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3080 0xffff match ip protocol 0x11 0xff flowid 1:10
33747sinda # podpora obecne pro PS3 (TCP: 5223, 10070-10080, UDP: 3478-3479, 3658, 3678, 10070-10080)
338 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5223 0xffff match ip protocol 0x6 0xff flowid 1:10
339 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5223 0xffff match ip protocol 0x6 0xff flowid 1:10
340 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 10070 0xfffe match ip protocol 0x6 0xff flowid 1:10
341 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 10070 0xfffe match ip protocol 0x6 0xff flowid 1:10
342 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 10072 0xfff8 match ip protocol 0x6 0xff flowid 1:10
343 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 10072 0xfff8 match ip protocol 0x6 0xff flowid 1:10
344 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3478 0xfffe match ip protocol 0x11 0xff flowid 1:10
345 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3478 0xfffe match ip protocol 0x11 0xff flowid 1:10
346 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3658 0xffff match ip protocol 0x11 0xff flowid 1:10
347 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3658 0xffff match ip protocol 0x11 0xff flowid 1:10
348 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3678 0xffff match ip protocol 0x11 0xff flowid 1:10
349 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3678 0xffff match ip protocol 0x11 0xff flowid 1:10
350 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 10070 0xfffe match ip protocol 0x11 0xff flowid 1:10
351 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 10070 0xfffe match ip protocol 0x11 0xff flowid 1:10
352 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 10072 0xfff8 match ip protocol 0x11 0xff flowid 1:10
353 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 10072 0xfff8 match ip protocol 0x11 0xff flowid 1:10
35452sinda # VATSIM Microsoft Flight simulator FS2004 (TCP/UDP 6809, 6073, 3782 a 3290)
355 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3290 0xffff flowid 1:10
356 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3290 0xffff flowid 1:10
357 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3782 0xffff flowid 1:10
358 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3782 0xffff flowid 1:10
359 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 6073 0xffff flowid 1:10
360 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 6073 0xffff flowid 1:10
361 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 6809 0xffff flowid 1:10
362 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 6809 0xffff flowid 1:10
36354sinda # podpora pro hru rFactor (TCP 34447, UDP 34397)
364 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 34447 0xffff match ip protocol 0x06 0xff flowid 1:10
365 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 34447 0xffff match ip protocol 0x06 0xff flowid 1:10
366 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 34397 0xffff match ip protocol 0x11 0xff flowid 1:10
367 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 34397 0xffff match ip protocol 0x11 0xff flowid 1:10
36855simandl # LOTRO - server Snowbourn 41, 114-121
369 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 94.75.194.41 flowid 1:10
370 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 94.75.194.41 flowid 1:10
371 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 94.75.194.112/28 flowid 1:10
372 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 94.75.194.112/28 flowid 1:10
37356simandl # podpora pro hru StarCraft II (TCP UDP 1119)
374 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1119 0xffff flowid 1:10
375 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1119 0xffff flowid 1:10
37630simandl 
3772simandl # TCP ACK packets smaller than 64 bytes
378 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 \
379 match ip protocol 6 0xff \
380 match u8 0x05 0x0f at 0 \
381 match u16 0x0000 0xffc0 at 2 \
382 match u8 0x10 0xff at 33 \
383 flowid 1:10
384 
385 ## Ping class
386 # ICMP
387 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip protocol 0x01 0xff flowid 1:20
388 
389 ## Routing class
390 # BGP
391 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 179 0xffff match ip protocol 0x6 0xff flowid 1:30
392 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 179 0xffff match ip protocol 0x6 0xff flowid 1:30
393 # OSPF
394 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip protocol 0x59 0xff flowid 1:30
395 
39613simandl ## Email & Data transfer class
3972simandl # FTP
398 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 20 0xfffe match ip protocol 0x6 0xff flowid 1:40
399 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 20 0xfffe match ip protocol 0x6 0xff flowid 1:40
400 # PPTP
401 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1723 0xffff match ip protocol 0x6 0xff flowid 1:40
402 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1723 0xffff match ip protocol 0x6 0xff flowid 1:40
403 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1723 0xffff match ip protocol 0x11 0xff flowid 1:40
404 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1723 0xffff match ip protocol 0x11 0xff flowid 1:40
405 # SCP
406 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 22 0xffff match ip protocol 0x6 0xff match ip tos 0x08 0xff flowid 1:40
407 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 22 0xffff match ip protocol 0x6 0xff match ip tos 0x08 0xff flowid 1:40
408 # POP3
40913simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 110 0xffff match ip protocol 0x6 0xff flowid 1:40
410 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 110 0xffff match ip protocol 0x6 0xff flowid 1:40
4112simandl # IMAP
41213simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 143 0xffff match ip protocol 0x6 0xff flowid 1:40
413 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 143 0xffff match ip protocol 0x6 0xff flowid 1:40
4142simandl # SMTP
41513simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 25 0xffff match ip protocol 0x6 0xff flowid 1:40
416 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 25 0xffff match ip protocol 0x6 0xff flowid 1:40
4172simandl # POP3S
41813simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 995 0xffff match ip protocol 0x6 0xff flowid 1:40
419 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 995 0xffff match ip protocol 0x6 0xff flowid 1:40
4202simandl # IMAPS
42113simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 993 0xffff match ip protocol 0x6 0xff flowid 1:40
422 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 993 0xffff match ip protocol 0x6 0xff flowid 1:40
4232simandl # SSMTP
42413simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 465 0xffff match ip protocol 0x6 0xff flowid 1:40
425 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 465 0xffff match ip protocol 0x6 0xff flowid 1:40
4262simandl # rsync
42713simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 673 0xffff match ip protocol 0x6 0xff flowid 1:40
428 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 673 0xffff match ip protocol 0x6 0xff flowid 1:40
429 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 673 0xffff match ip protocol 0x11 0xff flowid 1:40
430 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 673 0xffff match ip protocol 0x11 0xff flowid 1:40
4312simandl # CVS
43213simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 873 0xffff match ip protocol 0x6 0xff flowid 1:40
433 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 873 0xffff match ip protocol 0x6 0xff flowid 1:40
434 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 873 0xffff match ip protocol 0x11 0xff flowid 1:40
435 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 873 0xffff match ip protocol 0x11 0xff flowid 1:40
43639simandl # SVN
437 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3690 0xffff flowid 1:40
438 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3690 0xffff flowid 1:40
43940sinda # NNTP over SSL
440 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 563 0xffff flowid 1:40
441 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 563 0xffff flowid 1:40
442 # VNC
443 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5900 0xffff flowid 1:40
444 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5900 0xffff flowid 1:40
4452simandl 
44613simandl ## VOIP class
44733simandl # SIP
448 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5060 0xfffe match ip protocol 0x11 0xff flowid 1:50
449 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5060 0xfffe match ip protocol 0x11 0xff flowid 1:50
450 # RTP
451 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 8000 0xffff match ip protocol 0x11 0xff flowid 1:50
452 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 8000 0xffff match ip protocol 0x11 0xff flowid 1:50
45338simandl # Skype typeofservice mark
454 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip tos 0x20 0xff flowid 1:50 #Skype?
45513simandl # VoIP typeofservice mark
456 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip tos 0x68 0xff flowid 1:50 #SIP
457 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip tos 0xb8 0xff flowid 1:50 #RTP
458 # VoIP typeofservice mark for RTP ha-vel.cz
45938simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip tos 0x16 0xff flowid 1:50 #RTP
46013simandl # TOS mimimize delay - VoIP typeofservice mark for RTP vox.802.cz
46138simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip tos 0x10 0xff flowid 1:50
46218simandl # VoIP IP addr for RTP ha-vel.cz
46353sinda $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 217.66.161.0/24 flowid 1:50 #RTP
464 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 217.66.161.0/24 flowid 1:50 #RTP
46518simandl # VoIP IP addr for RTP 802.cz
46644simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 212.71.146.128/26 flowid 1:50 #RTP rtp.802.cz
467 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 212.71.146.128/26 flowid 1:50 #RTP rtp.802.cz
46850simandl # VoIP IP addr for sip.volny.cz
469 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 195.122.207.107 flowid 1:50
470 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 195.122.207.107 flowid 1:50
47151sinda $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 195.122.201.50/31 flowid 1:50
472 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 195.122.201.50/31 flowid 1:50
47331simandl # VoIP IP addr for others RTP
474 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 62.168.42.145 flowid 1:50 #sip2.fayn.cz
475 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 62.168.42.145 flowid 1:50 #sip2.fayn.cz
476 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 82.208.46.240 flowid 1:50 #sip.mujtelefon.cz
477 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 82.208.46.240 flowid 1:50 #sip.mujtelefon.cz
47833simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 212.20.119.40/29 flowid 1:50 #sip1.netphone.cz
479 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 212.20.119.40/29 flowid 1:50 #sip1.netphone.cz
48031simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 81.91.216.18 flowid 1:50 #aps.sbohempevnalinko.cz
481 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 81.91.216.18 flowid 1:50 #aps.sbohempevnalinko.cz
482 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 81.91.216.11 flowid 1:50 #fax.sipcz.net
483 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 81.91.216.11 flowid 1:50 #fax.sipcz.net
48445sinda $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 69.59.241.0/24 match ip protocol 0x11 0xff flowid 1:50 # Vonage
485 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 69.59.241.0/24 match ip protocol 0x11 0xff flowid 1:50 # Vonage
48638simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 193.86.76.226 match ip protocol 0x11 0xff flowid 1:50 #ustredna.systinet.com
487 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 193.86.76.226 match ip protocol 0x11 0xff flowid 1:50 #ustredna.systinet.com
48849sinda $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 195.146.137.186/31 flowid 1:50 # t-com.sk
489 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 195.146.137.186/31 flowid 1:50 # t-com.sk
49033simandl # gnomemeeting
491 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 30000 0xfff8 match ip protocol 0x11 0xff flowid 1:50
492 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 30000 0xfff8 match ip protocol 0x11 0xff flowid 1:50
493 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 30008 0xfffe match ip protocol 0x11 0xff flowid 1:50
494 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 30008 0xfffe match ip protocol 0x11 0xff flowid 1:50
495 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 30010 0xffff match ip protocol 0x11 0xff flowid 1:50
496 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 30010 0xffff match ip protocol 0x11 0xff flowid 1:50
497 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5000 0xfff8 match ip protocol 0x11 0xff flowid 1:50
498 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5000 0xfff8 match ip protocol 0x11 0xff flowid 1:50
499 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5010 0xfffe match ip protocol 0x11 0xff flowid 1:50
500 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5010 0xfffe match ip protocol 0x11 0xff flowid 1:50
501 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5012 0xfffe match ip protocol 0x11 0xff flowid 1:50
502 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5012 0xfffe match ip protocol 0x11 0xff flowid 1:50
50334simandl #ventrilo 3784 .. 3791
504 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3784 0xfff8 match ip protocol 0x6 0xff flowid 1:10
505 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3784 0xfff8 match ip protocol 0x6 0xff flowid 1:10
50613simandl 
507 ## Web & Squid class
508 # HTTP
509 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 80 0xffff match ip protocol 0x6 0xff flowid 1:60
510 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 80 0xffff match ip protocol 0x6 0xff flowid 1:60
511 # HTTPS
512 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 443 0xffff match ip protocol 0x6 0xff flowid 1:60
513 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 443 0xffff match ip protocol 0x6 0xff flowid 1:60
514 # WebCache
515 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 8080 0xffff match ip protocol 0x6 0xff flowid 1:60
516 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 8080 0xffff match ip protocol 0x6 0xff flowid 1:60
5172simandl # HTTP port
518 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3128 0xffff match ip protocol 0x6 0xff flowid 1:60
519 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3128 0xffff match ip protocol 0x6 0xff flowid 1:60
520 # ICP port
521 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 3130 0xffff match ip protocol 0x6 0xff flowid 1:60
522 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 3130 0xffff match ip protocol 0x6 0xff flowid 1:60
52333simandl # VPN KB.CZ
524 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip src 194.228.113.135 match ip sport 4500 0xffff match ip protocol 0x11 0xff flowid 1:60
525 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dst 194.228.113.135 match ip dport 4500 0xffff match ip protocol 0x11 0xff flowid 1:60
52642simandl # Cisco VPN
52743simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 500 0xffff flowid 1:60
528 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 500 0xffff flowid 1:60
529 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 4500 0xffff flowid 1:60
530 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 4500 0xffff flowid 1:60
531 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 10000 0xffff flowid 1:60
532 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 10000 0xffff flowid 1:60
53348simandl # OpenVPN
534 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 5000 0xffff match ip protocol 0x11 0xff flowid 1:60
535 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 5000 0xffff match ip protocol 0x11 0xff flowid 1:60
536 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1194 0xffff match ip protocol 0x11 0xff flowid 1:60
537 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1194 0xffff match ip protocol 0x11 0xff flowid 1:60
5382simandl 
53933simandl 
5402simandl ## Unsupported class
54133simandl # Kazaa
542 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip sport 1214 0xffff match ip protocol 0x6 0xff flowid 1:666
543 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 2 u32 match ip dport 1214 0xffff match ip protocol 0x6 0xff flowid 1:666
544 
545 ## Airfree class
54631simandl # File download over http
54732simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 62.67.46.0/24 flowid 1:667 # TERASPACE-GMBH
548 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 62.67.50.0/24 flowid 1:667 # TERASPACE-GMBH
549 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 62.140.31.0/24 flowid 1:667 # TERASPACE-GMBH
550 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 64.211.146.0/24 flowid 1:667 # TERASPACE-GMBH
551 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 80.152.62.0/24 flowid 1:667 # TERASPACE-GMBH
552 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 80.231.24.0/24 flowid 1:667 # TERASPACE-GMBH
553 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 80.231.41.0/24 flowid 1:667 # TERASPACE-GMBH
554 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 80.239.137.0/24 flowid 1:667 # TERASPACE-GMBH
555 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 80.239.236.0/24 flowid 1:667 # TERASPACE-GMBH
556 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 82.129.39.0/24 flowid 1:667 # PA-TERASPACE-COGENT-1
557 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 195.122.131.0/24 flowid 1:667 # TERASPACE-GMBH
55845sinda $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 195.122.149.0/24 flowid 1:667 # TERASPACE-GMBH
55932simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 195.122.151.0/24 flowid 1:667 # TERASPACE-GMBH
560 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 195.122.152.0/23 flowid 1:667 # TERASPACE-GMBH
561 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 195.219.1.0/24 flowid 1:667 # TERASPACE-GB
562 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 206.57.14.0/24 flowid 1:667 # TERAS
56335simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 212.162.2.0/24 flowid 1:667 # TERASPACE-GMBH
56433simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 212.162.63.0/24 flowid 1:667 # TERASPACE-GMBH
56532simandl $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 77.88.62.0/24 flowid 1:667 # yandex.ru
566 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 83.229.252.0/23 flowid 1:667 # MCHOST-SYN-NET
567 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 85.17.172.0/24 flowid 1:667 # LEASEWEB (filefactory.com)
568 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 94.75.218.0/24 flowid 1:667 # LEASEWEB
569 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 78.140.128.0/18 flowid 1:667 # NL-WEBAZILLA
570 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 88.86.100.160/27 flowid 1:667 # uloz.to
571 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src 88.208.16.0/20 flowid 1:667 # HALDEX-NET (letitbit.net)
57231simandl 
5732simandl # IP range of DHCP for airfree AP on this router
574 for ipaddr in $AIRFREE
575 do
576 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src $ipaddr flowid 1:667
577 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip dst $ipaddr flowid 1:667
578 done
579 # non-CZF-RFC - violators of RFCs
580 for ipaddr in $NONCZF
581 do
582 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src $ipaddr flowid 1:666
583 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip dst $ipaddr flowid 1:666
584 done
58525simandl # non-contributors
586 for ipaddr in $NONCONTRIB
587 do
588 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip src $ipaddr flowid 1:668
589 $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 u32 match ip dst $ipaddr flowid 1:668
590 done
5912simandl 
5924simandl ## Internet class
5932simandl # IPtables rule
594# $IPTABLES -t mangle -A FORWARD -s ! 10.0.0.0/8 -o ${FACE} -j MARK --set-mark 999
595# $IPTABLES -t mangle -A FORWARD -d ! 10.0.0.0/8 -o ${FACE} -j MARK --set-mark 999
596 # IPtables mark filter
597# $TC filter add dev ${FACE} parent 1:0 protocol ip prio 1 handle 999 fw flowid 1:999
598}
599 
600for FACE in $FACES
601do
6024simandl if [ -z "`$IP l | grep $FACE[:@]`" ]
603 then
604 echo "Interface $FACE doesn't exist"
605 continue
606 fi
6072simandl TYPE=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*type[[:space:]]\+\([[:alpha:]]\+\).*}.*/\1/"`
608 if [ "$TYPE" != 'transit' ]
609 then
610 continue
611 fi
612 SPEED=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*speed[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
613 QUANTUM=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*quantum[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
614 
615 if [ -z "$QUANTUM" ]
616 then
6174simandl MTU=`$IP l | grep $FACE[:@] | sed -e "s/^.*mtu[[:space:]]\+\([[:digit:]]\+\).*/\1/"`
6182simandl QUANTUM=$(($QUANTUMOFFS+$MTU))
619 fi
62015simandl 
621 NONCZFSPD=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*NONCZFSPD[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
622 if [ -z $NONCZFSPD ] ; then NONCZFSPD=$DNONCZFSPD ; fi
623 
624 AIRFREESPD=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*AIRFREESPD[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
625 if [ -z $AIRFREESPD ] ; then AIRFREESPD=$DAIRFREESPD ; fi
626 
62725simandl NONCONTRIBSPD=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*NONCONTRIBSPD[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
628 if [ -z $NONCONTRIBSPD ] ; then NONCONTRIBSPD=$DNONCONTRIBSPD ; fi
629 
63015simandl SSHDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*SSHDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
631 if [ -z $SSHDIV ] ; then SSHDIV=$DSSHDIV ; fi
632 
633 PINGDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*PINGDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
634 if [ -z $PINGDIV ] ; then PINGDIV=$DPINGDIV ; fi
635 
636 INTERACTDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*INTERACTDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
637 if [ -z $INTERACTDIV ] ; then INTERACTDIV=$DINTERACTDIV ; fi
638 
639 VOIPDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*VOIPDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
640 if [ -z $VOIPDIV ] ; then VOIPDIV=$DVOIPDIV ; fi
641 
642 WWWDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*WWWDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
643 if [ -z $WWWDIV ] ; then WWWDIV=$DWWWDIV ; fi
644 
645 XFERDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*XFERDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
646 if [ -z $XFERDIV ] ; then XFERDIV=$DXFERDIV ; fi
647 
648 DFLTDIV=`echo -e $IFACECONF | grep $FACE | sed -e "s/^.*{.*DFLTDIV[[:space:]]\+\([[:digit:]]\+\).*}.*/\1/;t;d"`
649 if [ -z $DFLTDIV ] ; then DFLTDIV=$DDFLTDIV ; fi
650 
651#echo $SPEED $NONCZFSPD $AIRFREESPD $SSHDIV $PINGDIV $INTERACTDIV $VOIPDIV $WWWDIV $XFERDIV $DFLTDIV
6522simandl set_qos_classes
653done
654 
655exit 0

Powered by WebSVN 2.2.1