reroute icmp traffic from one interface to another

[Ηλια Χατζηστυλη <iliachat1@xxxxxxxxxx>]

the code used to rerout traffic and limmit bandwith is :

#!/bin/sh /etc/rc.common
# Copyright (C) 2006 OpenWrt.org

MODULES='sch_ingress sch_sfq sch_htb cls_u32 act_police'
echo "Starting bandwidth shaping with htd and Guest limitation"
IPT=/usr/sbin/iptables
IF=eth1
IFHU=wlan0
IFGU=wlan0-1
IP="$(ifconfig eth1 | grep "inet addr" | cut -d ':' -f 2 | cut -d ' '  
-f 1)"    # IP eth1 Interface
IPHU=192.168.5.1
IPGU=192.168.3.1
#U32="$TC filter add dev $IF protocol ip parent 1:0 prio 1 u32"


$IPT -t filter -F
$IPT -t filter -X
$IPT -t nat -F
$IPT -t nat -X
$IPT -t mangle -F
$IPT -t mangle -X
$IPT -t raw -F
$IPT -t raw -X

#############################################################################
# Default Policies fuer integrierte Ketten festlegen:

$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT
$IPT -t filter -P INPUT ACCEPT
$IPT -t filter -P FORWARD ACCEPT
$IPT -t filter -P OUTPUT ACCEPT

#############################################################################

for i in $MODULES ; do
                insmod $i
        done

#----------send wlan0-1 & wlan0 to eth1
        echo "iptables interface traffic redirect up traffic"
        iptables -t nat -A POSTROUTING --out-interface $IF -j MASQUERADE
	iptables -A FORWARD --in-interface $IFHU -j CLASSIFY --set-class 1:10
        iptables -A FORWARD --in-interface $IFGU -j CLASSIFY --set-class 1:20
	echo "end of iptables rules"
#--------------------------------------
#----------clean prev rules always-----
        echo "clearing old qdiscs"
        tc qdisc del dev $IF root
	tc qdisc del dev $IF ingress
        echo "end of cleaning"
#--------------------------------------
#----------------------u32 for up limit
        echo "tc-start"
#       tc qdisc add dev $IF root
        echo "qdisc"
        tc qdisc add dev $IF root handle 1:0 htb default 30
        echo "class 10(home) 20(guest)"
        tc class add dev $IF parent 1: classid 1:1 htb rate 2mbit
        tc class add dev $IF parent 1:1 classid 1:10 htb rate 2mbit  
--home user bandwidth
	tc class add dev $IF parent 1:1 classid 1:20 htb rate 200kbit--guest user bw
        tc class add dev $IF parent 1:1 classid 1:30 htb rate 2mbit
	tc qdisc add dev $IF parent 1:10 handle 100: bfifo limit 75000
	tc qdisc add dev $IF parent 1:20 handle 200: bfifo limit 75000

#----
#---QDISC gia to download

	tc qdisc add dev $IF handle ffff: ingress
	tc filter add dev $IF parent ffff: protocol ip prio 50 u32 match ip  
src 0.0.0.0/0 police rate 30mbit burst 30mbit drop flowid :1

I send this nping command with the --data-length extension so that the  
ping will not be treated as a single bit.

--
To unsubscribe from this list: send the line "unsubscribe lartc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html