script

"jayesh" <jayesh@xxxxxxxxx> · Sat, 8 Jan 2005 18:32:05 +0300

dear all 
iam  newbie , i have 256 kbits of down link 
and 64 kbits of up link iam using squid and htb i have got this  while 
browsing the net , there are some few issues i need help 
while running the script i want  browsing to 
be as fast as possible , uplink especially kaaza should not eat my band width. 

eth1  got public ip address and eth0 is 
internal with network 10.0.0.0/24 iam also using nat , how can i make 
squid incoporates with htb (squid uses 3128)
here is my script 
#!/bin/bash
 TC=/sbin/tc 
IPTABLES=/sbin/iptables
 $TC 
qdisc del dev eth0 root 2> /dev/null > /dev/null
 $TC qdisc del 
dev eth1 root 2> /dev/null > /dev/null
 $TC qdisc del dev eth1 
ingress 2> /dev/null > /dev/null
 $IPTABLES -F POSTROUTING -t 
mangle
  $TC qdisc add dev eth0 root handle 1: htb default 50 r2q 
2

 $TC class add dev eth0 parent 1: classid 1:2 htb rate 248Kbit burst 
35k
 $TC class add dev eth0 parent 1:2 classid 1:10 htb rate 220Kbit 
ceil 240Kbit burst 25k prio 0
$TC class add dev eth0 parent 1:2 classid 1:30 
htb rate 28Kbit ceil 28Kbit burst 10k prio 1 
$TC class add dev eth0 parent 
1: classid 1:60 htb rate 1Kbit ceil 100Mbit  prio 1
 $TC qdisc add 
dev eth0 parent 1:10 handle 11: sfq perturb 10
 $TC qdisc add dev eth0 
parent 1:30 handle 33: sfq perturb 10
 $IPTABLES -t mangle -A 
POSTROUTING -o eth0 -s ! 10.0.0.0/24 -j MARK --set-mark 3
 $IPTABLES -t 
mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 80 -j MARK 
--set-mark 1
 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 
10.0.0.0/24 -p tcp --sport 443 -j MARK --set-mark 1
 $IPTABLES -t mangle 
-A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 22 -j MARK --set-mark 
1
 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp 
--sport 21 -j MARK --set-mark 1
 $IPTABLES -t mangle -A POSTROUTING -o 
eth0 -s ! 10.0.0.0/24 -p tcp --sport 53 -j MARK --set-mark 1 
$IPTABLES -t 
mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p udp --sport 53 -j MARK 
--set-mark 1 
$IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p 
tcp --sport 110 -j MARK --set-mark 1
 $IPTABLES -t mangle -A POSTROUTING 
-o eth0 -s ! 10.0.0.0/24 -p tcp --sport 5190 -j MARK --set-mark 1
$IPTABLES 
-t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 6661:6669 -j 
MARK --set-mark 1 
$IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 
10.0.0.0/24 -p tcp --sport 3128 -j MARK --set-mark 1
$IPTABLES -t mangle -A 
POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p udp --sport 3128 -j MARK --set-mark 
1#$IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p icmp -j MARK 
--set-mark 1

 $TC filter add dev eth0 parent 1:0 protocol ip 
handle 1 fw flowid 1:10
 $TC filter add dev eth0 parent 1:0 protocol ip 
handle 3 fw flowid 1:30
 $TC filter add dev eth0 parent 1:0 protocol ip 
prio 1 u32 \
 match ip protocol 0x6 0xff \
  match ip tos 
0x10 0xff \
 flowid 
1:60

##############################
$TC qdisc add dev eth1 root 
handle 1: htb default 20
 $TC class add dev eth1 parent 1: classid 1:1 
htb rate 62Kbit burst 35k
 $TC class add dev eth1 parent 1:1 classid 
1:10 htb rate 40Kbit ceil 60Kbit burst 25k prio 1
 $TC class add dev 
eth1 parent 1:1 classid 1:20 htb rate 15Kbit ceil 55Kbit burst 10k prio 
2
 $TC class add dev eth1 parent 1:1 classid 1:30 htb rate 7Kbit ceil 
28Kbit burst 5k prio 3
 $TC qdisc add dev eth1 parent 1:10 handle 10: 
sfq perturb 10
 $TC qdisc add dev eth1 parent 1:20 handle 20: sfq 
perturb 10
 $TC qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 
10
 $TC filter add dev eth1 parent 1:0 protocol ip prio 10 u32 
\
   match ip tos 0x10 0xff  flowid 1:10
 $TC filter 
add dev eth1 parent 1: protocol ip prio 10 u32 \
    match ip 
protocol 6 0xff \
    match u8 0x05 0x0f at 0 
\
    match u16 0x0000 0xffc0 at 2 \

match u8 0x10 0xff at 33 \
    flowid 
1:10

 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 
10.0.0.0/24 -j MARK --set-mark 12
# $IPTABLES -t mangle -A POSTROUTING -o 
eth1 -s ! 10.0.0.0/24 -p icmp -j MARK --set-mark 11
 $IPTABLES -t mangle 
-A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp --sport 22 -j MARK --set-mark 
11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp 
--sport 80 -j MARK --set-mark 11
 $IPTABLES -t mangle -A POSTROUTING -o 
eth1 -s ! 10.0.0.0/24 -p tcp --dport 80 -j MARK --set-mark 11
 $IPTABLES 
-t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp --dport 21 -j MARK 
--set-mark 11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 
10.0.0.0/24 -p tcp --dport 20 -j MARK --set-mark 11
 $IPTABLES -t mangle 
-A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp --sport 3128 -j MARK --set-mark 
11
  $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp 
--dport 3128  -j MARK --set-mark 11
 $IPTABLES -t mangle -A 
POSTROUTING -o eth1 -s 10.0.0.0/24 -j MARK --set-mark 13

$IPTABLES 
-t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 80 -j MARK 
--set-mark 11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 
-p tcp --dport 443 -j MARK --set-mark 11
 $IPTABLES -t mangle -A 
POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 53 -j MARK --set-mark 
11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p udp 
--dport 53 -j MARK --set-mark 11
 $IPTABLES -t mangle -A POSTROUTING -o 
eth1 -s 10.0.0.0/24 -p tcp --dport 22 -j MARK --set-mark 11
 $IPTABLES 
-t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 23 -j MARK 
--set-mark 11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 
-p tcp --dport 21 -j MARK --set-mark 11
 $IPTABLES -t mangle -A 
POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 25 -j MARK --set-mark 
11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp 
--dport 110 -j MARK --set-mark 11
 $IPTABLES -t mangle -A POSTROUTING -o 
eth1 -s 10.0.0.0/24 -p tcp --dport 5190 -j MARK --set-mark 11
 $IPTABLES 
-t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 6661:6669 -j MARK 
--set-mark 11
$IPTABLES -t mangle -A POSTROUTING -p icmp -j MARK --set-mark 
11
$IPTABLES -t mangle -A POSTROUTING -o eth0 -s 10.0.0.0/24 -p udp --dport 
3128 -j MARK --set-mark 11
$IPTABLES -t mangle -A POSTROUTING -o eth0 -s 
10.0.0.0/24 -p tcp --dport 3128 -j MARK --set-mark 11
#$IPTABLES -t mangle -A 
POSTROUTING -p icmp -j RETURN
$TC filter add dev eth1 parent 1:0 protocol ip 
handle 11 fw flowid 1:10
 $TC filter add dev eth1 parent 1:0 protocol ip 
handle 12 fw flowid 1:20
 $TC filter add dev eth1 parent 1:0 protocol ip 
handle 13 fw flowid 1:30

please help with clarification 
regards

                      Dealing in Computers, Software and 
                        Peripherals

                      Jayesh Chandran 
                      Compucat Technologies
(An 
                        associate of Milan Cable Television)
1.Goliondoi 
                        Road, Arusha.
2.Ground Floor, Serengeti Wing,
PB 
                        No. 10367, AICC, Arusha, Tanzania 

                      jayesh@xxxxxxxxx 

                            tel: 
fax: 

mobile: 
                            +255 27 2502660
+255 27 
                              2504527
+255 748 586169 

          Add me to your address book...
          Want a signature like 
      this?

script

Linux Advanced Routing and Traffic Control