Simple Traffic Control ====================== Public domain ******************************************************************************** ### Simple traffic control (tc/iptables) #!/usr/bin/bash # Userside interface = eth0 = receive of user # Internet interface = ppp0 = send of user # Usernet range = 192.168.0.0/24 iptables -t mangle -F tc qdisc del dev eth0 root tc qdisc del dev ppp0 root tc qdisc add dev eth0 root handle 1: htb tc qdisc add dev ppp0 root handle 1: htb # receive of user = 300 kbps tc class add dev eth0 parent 1: classid 1:1 htb rate 300kbit ceil 300kbit tc filter add dev eth0 parent 1: protocol ip prio 1 handle 1 fw classid 1:1 iptables -t mangle -A FORWARD -o eth0 -d 192.168.0.0/24 -j MARK --set-mark 1 # send of user = 100 kbps tc class add dev ppp0 parent 1: classid 1:1 htb rate 100kbit ceil 100kbit tc filter add dev ppp0 parent 1: protocol ip prio 1 handle 2 fw classid 1:1 iptables -t mangle -A FORWARD -o ppp0 -s 192.168.0.0/24 -j MARK --set-mark 2 ******************************************************************************** ### Simple traffic control (tc only) #!/bin/bash internet_interface="ppp0" user_interface="eth1" ip="172.16.0.11" rec=128 snd=64 tc qdisc del dev ${internet_interface} root &> /dev/null tc qdisc del dev ${user_interface} root &> /dev/null tc qdisc add dev ${internet_interface} root handle 1: htb tc qdisc add dev ${user_interface} root handle 1: htb # Send tc class add dev ${internet_interface} parent 1: classid 1:1 htb \ rate ${snd}kbit ceil ${snd}kbit tc filter add dev ${internet_interface} parent 1: protocol ip prio 1 \ u32 match ip src ${ip} flowid 1:1 # Receive tc class add dev ${user_interface} parent 1: classid 1:1 htb \ rate ${rec}kbit ceil ${rec}kbit tc filter add dev ${user_interface} parent 1: protocol ip prio 1 \ u32 match ip dst ${ip} flowid 1:1 ******************************************************************************** ### usage statistics watch -n 1 -d tc -stats class show dev eth0 ******************************************************************************** ### Traffic Control init /etc/rc.d/init.d/traffic-shaper #!/bin/bash # # traffic-shaper Start/Stop bandwidth shaper. # # chkconfig: - 95 10 # description: traffic-shaper designed by Pejman Moghadam. \ # version 2.0 # config: /etc/shaper.conf # Loading config file . /etc/shaper.conf # General settings userside=eth1 inetside=eth2 receive () { tc class add dev $userside parent 1: classid 1:$count htb rate ${rec[$count]}kbit ceil ${rec[$count]}kbit if [ "$sw" == "0" ]; then tc filter add dev $userside parent 1: protocol ip prio 1 handle $h1 fw classid 1:$count fi for ip in ${ip[$count]}; do for protocol in ${prt[$count]}; do iptables -t mangle -A FORWARD -o $userside -p $protocol -d $ip -j MARK --set-mark $h1 done done } send () { tc class add dev $inetside parent 1: classid 1:$count htb rate ${snd[$count]}kbit ceil ${snd[$count]}kbit if [ "$sw" == "0" ]; then tc filter add dev $inetside parent 1: protocol ip prio 1 handle $h2 fw classid 1:$count fi for ip in ${ip[$count]}; do for protocol in ${prt[$count]}; do iptables -t mangle -A FORWARD -o $inetside -p $protocol -s $ip -j MARK --set-mark $h2 done done } share () { k=1 while [ "${group_name[$k]}" != "" ] ; do if [ "${group_name[$k]}" == "${mark[$count]}" ]; then sw=1 h1=${group_mark[$k]} h2=$[$h1+1] return ; fi k=$[$k+1] done group_name[$j]=${mark[$count]} group_mark[$j]=$h1 j=$[$j+1] } start() { echo $"Starting traffic-shaper: " iptables -t mangle -F # tc qdisc del dev $userside root # tc qdisc del dev $inetside root tc qdisc add dev $userside root handle 1: htb tc qdisc add dev $inetside root handle 1: htb count=1 i=1 j=1 while [ "${user[$count]}" != "" ] ; do if [ "${user[$count]}" != "empty" ]; then h1=$[$count*2-1] h2=$[$count*2] sw=0 if [ "${mark[$count]}" != "" ]; then share fi echo $i - ${user[$count]}, rec=${rec[$count]}, snd=${snd[$count]}, classid=$count, mark=$h1-$h2, ${mark[$count]} i=$[$i+1] receive $count send $count fi count=$[$count+1] done } stop() { echo $"Stopping traffic-shaper: " iptables -t mangle -F tc qdisc del dev $userside root tc qdisc del dev $inetside root } restart() { stop start } case "$1" in start) start ;; stop) stop ;; restart) restart ;; *) echo $"Usage: traffic-shaper {start|stop|restart}" exit 1 esac ******************************************************************************** ### /etc/shaper.conf user[1]="user1" ip[1]="192.168.1.11 172.16.10.11" rec[1]=128 snd[1]=32 prt[1]="all" #---------- user[2]="user2" ip[2]="192.168.1.12 172.16.10.12" rec[2]=64 snd[2]=16 prt[2]="all" #---------- user[3]="user3" ip[3]="192.168.1.13 172.16.10.13" rec[3]=64 snd[3]=16 prt[3]="tcp udp" #---------- ******************************************************************************** _BY: Pejman Moghadam_ _TAG: bash, bash-script, tc, traffic-control_ _DATE: 2007-07-11 21:43:31_