Dear Anirudh,
You will probably get better help if you write your setup, what you have
tried, how it does not work, and write a subject.
Here is a PHP script which looks IP numbers and limits up in a database
and generates a simple TC HTB limit rule per host.
You may be able to modify it to be useful for you.
Notes:
- This script is run from the console, not a web server. You will need
command line PHP installed. Or you can rewrite it in a language of your
choice.
- We only have two limit options: limit everything to 255 Kbit/s, or
limit only packets that have been marked as "6" by some firewall rules
to 255 Kbit/s. You will want to rewrite this bit to get the speed value
from the database, but you can simplify the "marked as 6" bit away.
- Warning: we only limit download speed. You will probably want to limit
upload speed as well! You will probably want to do this by matching on
IP number on the way OUT of your INTERNET interface.
#!/usr/bin/php
<?php
// Nicolas Padfield nicolas aaat padfield duuut dk
// Must be run on boot and on any change to which hosts are limited
// runs tc command to first delete all limit rules
// then inserts limit rules for any hosts in db who request this
// Note: uses the old mysql_* functions, which were removed in PHP 7.0

require_once ('dbconnect.inc.php');
require_once ('functions.inc.php');

$debug = 0;
$DEV = 'eth2';

$out = "
# delete all existing queue disciplines
tc qdisc del dev $DEV root
# attach queue discipline HTB to interface eth2 and give it handle 1:0
tc qdisc add dev $DEV root handle 1:0 htb
";

// per host command consists of two parts - add specific queue:
// (placeholders: host number, mac, class id)
$cmd1 = "# host %s mac %s
tc class add dev $DEV parent 1:0 classid 1:%s htb rate 255kbit burst 255kbit
";

// and then specify what traffic to put into it.
// Here just traffic marked as "6" by iptables:
// (placeholders: ip, class id)
$cmd2dkstream = "tc filter add dev $DEV protocol ip parent 1:0 prio 1 u32 \
match mark 0x0006 0xffff \
match ip dst %s \
flowid 1:%s
";

// Here all traffic:
$cmd2all = "tc filter add dev $DEV protocol ip parent 1:0 prio 1 u32 \
match ip dst %s \
flowid 1:%s
";

$sql_query = "SELECT mac, last_seen_ip, `limit` FROM mac_info WHERE
`limit` > 0 AND expiry_date > NOW()";
$result = mysql_query($sql_query)
    or die(mysql_error());

$i = 1; // class id, one per limited host
while ($current_row = mysql_fetch_assoc($result)) {
    $ip = $current_row['last_seen_ip'];
    $limit = $current_row['limit'];
    $mac = $current_row['mac'];

    if (check_internal_ip($ip)) {
        $out .= sprintf($cmd1, $i, $mac, $i);
        if ($limit == 1) {
            // limit only traffic marked as "6"
            $out .= sprintf($cmd2dkstream, $ip, $i);
        } elseif ($limit == 2) {
            // limit all traffic
            $out .= sprintf($cmd2all, $ip, $i);
        }
        $i++;
    }
    unset($ip); unset($limit); unset($mac);
}

if ($debug) {
    print $out;
} else {
    logfile($out);
}

// run everything in 'out' (this runs whether or not $debug is set)
`$out`;
?>
-------------------
The output looks like this:
# delete all existing queue disciplines
tc qdisc del dev eth2 root
# attach queue discipline HTB to interface eth2 and give it handle 1:0
tc qdisc add dev eth2 root handle 1:0 htb
# host 1 mac xxxxxxxxxxxxx
tc class add dev eth2 parent 1:0 classid 1:1 htb rate 255kbit burst 255kbit
tc filter add dev eth2 protocol ip parent 1:0 prio 1 u32 \
match ip dst 172.16.xxx.xxx \
flowid 1:1
# host 2 mac xxxxxxxxxxxxxxxx
tc class add dev eth2 parent 1:0 classid 1:2 htb rate 255kbit burst 255kbit
tc filter add dev eth2 protocol ip parent 1:0 prio 1 u32 \
match mark 0x0006 0xffff \
match ip dst 172.16.xxx.xxx \
flowid 1:2
--------------
Anirudh Gottumukkala wrote:
Hello
I am Anirudh. I need help to write a script to fetch details like IPs and
speed limit from MySQL and add HTB rules at the start of the
server. It is for a small ISP I am working for.
Can anyone help me out? I have tried but failed to limit speed.
--
Anirudh Chowdary
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
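
An added example, not part of the script posted in this thread: that script pastes `last_seen_ip` and `mac` from the database into a string that is then run by the shell, so each value should be validated before it gets there. The sketch below also takes the rate from the row, as the notes suggest; the `rate_kbit` column, the colon-separated MAC format and the function name `build_host_rules()` are assumptions.

```php
<?php
// Added example, not from the original post; build_host_rules() and rate_kbit are assumed names.
function build_host_rules(string $dev, int $classId, string $ip, string $mac, $rateKbit): array
{
    // \z (not $) so a trailing newline cannot slip through and start a new shell line.
    if (!preg_match('/^[A-Za-z0-9_.-]{1,15}\z/', $dev)) {
        throw new InvalidArgumentException('bad interface name');
    }
    // IPv4 only: the u32 filter below uses "match ip dst".
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        throw new InvalidArgumentException('bad IPv4 address');
    }
    // The MAC only lands in a comment line, but that line is still fed to the shell.
    if (!preg_match('/^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}\z/', $mac)) {
        throw new InvalidArgumentException('bad MAC address');
    }
    $rate = filter_var($rateKbit, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 1000000]]);
    if ($rate === false) {
        throw new InvalidArgumentException('bad rate');
    }
    // tc reads class ids as hexadecimal; the minor part is 16 bits.
    if ($classId < 1 || $classId > 0xffff) {
        throw new InvalidArgumentException('class id out of range');
    }
    $id = dechex($classId);
    $d  = escapeshellarg($dev);
    return [
        "# host $id mac $mac",
        "tc class add dev $d parent 1:0 classid 1:$id htb rate {$rate}kbit burst {$rate}kbit",
        "tc filter add dev $d protocol ip parent 1:0 prio 1 u32 match ip dst "
            . escapeshellarg($ip) . " flowid 1:$id",
    ];
}
// Constructed sample rows standing in for the mac_info query result.
$rows = [
    ['mac' => '00:11:22:33:44:55', 'last_seen_ip' => '172.16.0.10', 'rate_kbit' => '255'],
    ['mac' => '00:11:22:33:44:66', 'last_seen_ip' => '172.16.0.11 extra', 'rate_kbit' => '512'],
];
$i = 1;
foreach ($rows as $row) {
    try {
        $lines = build_host_rules('eth2', $i, $row['last_seen_ip'], $row['mac'], $row['rate_kbit']);
        print implode("\n", $lines) . "\n";
        $i++;
    } catch (InvalidArgumentException $e) {
        error_log('skipping row: ' . $e->getMessage());
    }
}
```

The second constructed row is rejected and logged, so only the first host's three lines are printed. The example prints the commands rather than executing them.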