+ Linux w/ 2.4.20+ Kernel
+ IPTables Enabled in Kernel
+ QOS Enabled in Kernel
+ IPTables software
+ IPRoute2 software
+ tc binary
##############################
### #
### BandWidth Router #
### #
### #
### James Jones #
### #
##############################
# The router script calls the iptables script; its contents are also pasted
# below for ease of navigation.
# NOTE(review): iptables and tc need root, so this path is presumably executed
# as root. Keep the file and its directory writable by root only; anyone who
# can edit a script that root runs can run commands as root.
# If this listing is saved as one file, the rules run twice: once through this
# call and once inline.
/home/jamesa/tmp/iptable
## contents of /home/jamesa/tmp/iptable
#!/bin/bash
# Packet marker: resets iptables, enables forwarding and NAT, then tags traffic
# to and from each shaped /29 with a firewall mark for the tc "fw" filters.
#
# NOTE(review): -F empties the filter table as well as nat and mangle, and this
# script adds no filter rules afterwards. Forwarded traffic is then limited
# only by the chain policies, which -F does not change. Load the packet-filter
# rules this router needs after running it, or flush only the tables it owns.

# Flush any previous rules ("filter" is the table used when -t is omitted).
for table in filter nat mangle; do
  iptables -t "$table" -F
done

# Enable IPv4 forwarding and masquerade everything leaving through eth1.
printf '1\n' > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

# One row per shaped block: "<subnet> <upload mark> <download mark>".
# iptables applies the /29 mask, so 192.168.0.5/29 covers 192.168.0.0-7, etc.
marked_subnets=(
  "192.168.0.5/29 28 29"
  "192.168.0.13/29 56 57"
  "192.168.0.21/29 192 193"
  "192.168.0.29/29 384 385"
  "192.168.0.37/29 512 513"
  "192.168.0.45/29 768 769"
  "192.168.0.53/29 1500 1501"
  "192.168.0.61/29 1281 3841"
)

####### UPLOAD MARKING: ETH1 should get these marks
# Matches on source address only; no inbound interface is checked.
for row in "${marked_subnets[@]}"; do
  read -r subnet up_mark _ <<<"$row"
  iptables -t mangle -A FORWARD -s "$subnet" -j MARK --set-mark "$up_mark"
done

####### DOWNLOAD MARKING: ETH0 should get these marks
# "-s ! net" is the older negation spelling; newer iptables releases prefer
# "! -s net". It excludes LAN-to-LAN traffic from the download marks.
for row in "${marked_subnets[@]}"; do
  read -r subnet _ down_mark <<<"$row"
  iptables -t mangle -A POSTROUTING -s ! 192.168.0.0/24 -d "$subnet" -j MARK --set-mark "$down_mark"
done

printf '%s\n' "Done Running Packet Marker"
## On my box, eth1 is the "wan"-side network card and eth0 is the internal-side adapter.
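########### ROOT QDISC ########
# Both interfaces get an HTB root qdisc with handle 1:. "default 16" sends any
# packet that no filter classifies to class 1:16.
# NOTE(review): 1:16 is the 1.5mbit class, the largest tier, so unmarked
# traffic (e.g. LAN addresses with no MARK rule) gets the top rate. Confirm
# that is intended, or point the default at a deliberately small class.
#
# Remove any root qdisc left by an earlier run so the adds below do not fail
# with "File exists". The delete fails harmlessly when nothing is installed,
# which is why its error output and status are discarded.
tc qdisc del dev eth1 root 2>/dev/null || true
tc qdisc del dev eth0 root 2>/dev/null || true
#### upstream
tc qdisc add dev eth1 root handle 1: htb default 16
#### downstream
tc qdisc add dev eth0 root handle 1: htb default 16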
########### LETS MAKE SOME CLASSES #########
# Each device gets a 10mbit parent class 1:1 and eight child classes. Every
# child has rate equal to ceil, so a tier cannot borrow above its own rate.

# "<class minor> <rate>" rows common to both directions.
tier_rates=(
  "10 28kbit"
  "11 56kbit"
  "12 192kbit"
  "13 384kbit"
  "14 512kbit"
  "15 768kbit"
  "16 1.5mbit"
)

# UPLOADS are shaped on eth1, DOWNLOADS on eth0. Class 1:17 is the only tier
# whose rate differs by direction (128kbit up, 384kbit down).
for dev_spec in "eth1 128kbit" "eth0 384kbit"; do
  read -r dev last_rate <<<"$dev_spec"
  tc class add dev "$dev" parent 1: classid 1:1 htb rate 10mbit ceil 10mbit
  for tier in "${tier_rates[@]}" "17 $last_rate"; do
    read -r minor rate <<<"$tier"
    tc class add dev "$dev" parent 1:1 classid "1:${minor}" htb rate "$rate" ceil "$rate"
  done
done
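################# FILTER AND SEND TO CORRECT CLASSID ###################
# Map each firewall mark set by iptables to its HTB class.
# Rows: "<prio> <eth0/download mark> <eth1/upload mark> <class minor>".
# Each (device, mark) pair is installed exactly once; repeating an add with the
# same prio and handle is redundant and is normally rejected by tc as already
# existing.
mark_to_class=(
  "1 1501 1500 16"
  "7 29 28 10"
  "6 57 56 11"
  "5 193 192 12"
  "4 385 384 13"
  "3 513 512 14"
  "2 769 768 15"
  "8 3841 1281 17"
)

for row in "${mark_to_class[@]}"; do
  read -r prio down_mark up_mark minor <<<"$row"
  tc filter add dev eth0 parent 1:0 protocol ip prio "$prio" handle "$down_mark" fw classid "1:${minor}"
  tc filter add dev eth1 parent 1:0 protocol ip prio "$prio" handle "$up_mark" fw classid "1:${minor}"
done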
################ MAKING DA qdisc ***************************************
# Attach an SFQ leaf qdisc to every shaped class (1:10 .. 1:17) on both
# devices, eth0 first and then eth1. The leaf handle reuses the class minor
# number; "perturb 10" makes SFQ re-seed its flow hash every 10 seconds.
for dev in eth0 eth1; do
  for minor in 10 11 12 13 14 15 16 17; do
    tc qdisc add dev "$dev" parent "1:${minor}" handle "${minor}:" sfq perturb 10
  done
done