1 --- htb.init-v0.8.5 2004-10-25 11:01:42.000000000 +0200
2 +++ htb 2004-10-25 18:26:29.720551256 +0200
7 +# - Bruno Randolf <bruno.randolf at 4g-systems.biz>
8 +# - added ingress limiting
9 +# - added predefined PREDEF filter rules
10 +# - added PROTOCOL filter rule
11 +# - added TOS filter rule
12 +# - added VERBOSE option
13 # v0.8.5- Nathan Shafer <nicodemus at users.sourceforge.net>
14 # - allow symlins to class files
15 # - Seth J. Blank <antifreeze at users.sourceforge.net>
17 # fairness but allows HTB to be used on very fast network devices.
18 # This is turned off by default.
20 +# INGRESS=<speed> optional
23 +# This parameters activates the limiting of incoming traffic.
24 +# Everything exceeding this rate will be dropped. This can be
25 +# useful to keep the queues of DSL modems empty to allow
26 +# low latency interactive traffic.
28 ### HTB class parameters
30 # The following are parameters for HTB classes and are expected
32 # use multiple MARK fields per config.
36 +# PREDEF=ack|icmp|ssh-interactive|ssh-scp
38 +# This are some predefined u32 filters.
39 +# * ack: small acknowledgement packets
40 +# * icmp: icmp packets
41 +# * ssh-interactive: interactive SSH sessions (not scp)
42 +# * ssh-scp: ssh file transfer (scp)
46 # Note: Rules for different filter types can be combined. Attention must be
47 # paid to the priority of filter rules, which can be set below through
48 # the PRIO_{RULE,MARK,REALM} variables.
51 ### Modules to probe for. Uncomment the last HTB_PROBE
52 ### line if you have QoS support compiled into kernel
53 -HTB_PROBE="sch_htb sch_sfq cls_fw cls_u32 cls_route"
54 +HTB_PROBE="sch_htb sch_sfq cls_fw cls_u32 cls_route sch_ingress"
58 -HTB_QDISC="DEFAULT\|DCACHE\|R2Q"
59 +HTB_QDISC="DEFAULT\|DCACHE\|R2Q\|INGRESS"
60 HTB_CLASS="RATE\|CEIL\|BURST\|CBURST\|PRIO\|LEAF\|MTU"
61 HTB_CLASS="$HTB_CLASS\|PRIO_RULE\|PRIO_MARK\|PRIO_REALM"
62 HTB_CLASS="$HTB_CLASS\|LIMIT\|QUANTUM\|PERTURB"
64 +### uncomment to print some info while setting up
67 #############################################################################
68 ############################# SUPPORT FUNCTIONS #############################
70 ### Remove root class from device $1
72 tc qdisc del dev $1 root 2> /dev/null
73 + tc qdisc del dev $1 ingress 2> /dev/null
79 ### Display traffic control setup
81 - for dev in `all_device_list`; do
82 + for dev in `htb_device_list`; do
83 [ `tc qdisc show dev $dev| wc -l` -eq 0 ] && continue
84 echo -e "### $dev: queueing disciplines\n"
85 tc $1 qdisc show dev $dev; echo
91 + echo "[ -n \"\$VERBOSE\" ] && echo '$@'"
94 elif [ -n "$HTB_DEBUG" ]; then
95 echo -e "# `date`" > $HTB_DEBUG
98 echo -e "\n# tc $@" >> $HTB_DEBUG
99 $TC "$@" 2>&1 | tee -a $HTB_DEBUG
103 + echo -e "\n# [ -n \"\$VERBOSE\" ] && echo '$@'" >> $HTB_DEBUG
104 + [ -n "$VERBOSE" ] && echo "$@"
115 + [ -n "$VERBOSE" ] && echo "$@"
122 [ -z "$DEVICES" ] && htb_failure "no configured devices found!"
124 for dev in $DEVICES; do
125 + print "setting up $dev..."
126 ### Retrieve root qdisc options
127 DEFAULT=""; DCACHE=""; R2Q=""
128 eval `htb_filter_file $dev| grep "^\($HTB_QDISC\)="`
130 default ${DEFAULT:-0} ${R2Q:+r2q $R2Q} $DCACHE ||
131 htb_fail_off "failed to set root qdisc on $dev!"
133 + # attach ingress filter
134 + if [ "$INGRESS" != "" ]; then
135 + print " shaping incoming traffic to $INGRESS"
136 + tc qdisc add dev $dev handle ffff: ingress
137 + # drop everything that's coming in too fast:
138 + tc filter add dev $dev parent ffff: protocol ip prio 50 u32 match ip src \
139 + 0.0.0.0/0 police rate ${INGRESS} burst 10k drop flowid :1
142 [ "$1" = "compile" ] && echo
146 for classfile in `htb_class_list`; do
147 htb_load_class $classfile
149 + print " class $CLASS (rate: $RATE, ceil: $CEIL)"
152 tc class add dev $DEVICE parent 1:$PARENT classid 1:$CLASS \
153 htb rate $RATE ${CEIL:+ceil $CEIL} ${BURST:+burst $BURST} \
156 ### Create fw filter for MARK fields
157 for mark in `htb_cfile_rules MARK`; do
158 + print " mark $mark"
159 ### Attach fw filter to root class
160 tc filter add dev $DEVICE parent 1:0 protocol ip \
161 prio $PRIO_MARK handle $mark fw classid 1:$CLASS
163 ### Convert asterisks to empty strings
164 SREALM=${SREALM#\*}; DREALM=${DREALM#\*}
166 + print " realm $SREALM $DREALM"
167 ### Attach route filter to the root class
168 tc filter add dev $DEVICE parent 1:0 protocol ip \
169 prio $PRIO_REALM route ${SREALM:+from $SREALM} \
170 @@ -870,12 +926,68 @@
172 ### Uncomment the following if you want to see parsed rules
173 #echo "$rule: $u32_s $u32_d"
174 + print " source: $SRC dest: $DST"
176 ### Attach u32 filter to the appropriate class
177 tc filter add dev $DEVICE parent 1:0 protocol ip \
178 prio $PRIO_RULE u32 $u32_s $u32_d classid 1:$CLASS
181 + ### Create u32 filter for TOS fields
182 + for tos in `htb_cfile_rules TOS`; do
183 + ### Attach to root class
185 + tc filter add dev $DEVICE parent 1:0 protocol ip \
186 + prio $PRIO_RULE u32 match ip tos $tos 0xff classid 1:$CLASS
189 + ### Create u32 filter for PROTOCOL fields
190 + for p in `htb_cfile_rules PROTOCOL`; do
191 + ### Attach to root class
192 + print " protocol $p"
193 + tc filter add dev $DEVICE parent 1:0 protocol ip \
194 + prio $PRIO_RULE u32 match ip protocol $p 0xff classid 1:$CLASS
197 + ### some predefined u32 filters for convenience
198 + for a in `htb_cfile_rules PREDEF`; do
203 + # IP header length 0x5(32 bit words),
204 + # IP Total length 0x34 (ACK + 12 bytes of TCP options)
205 + # TCP ack set (bit 5, offset 33)
206 + tc filter add dev $DEVICE parent 1:0 protocol ip \
207 + prio $PRIO_RULE u32 \
208 + match ip protocol 6 0xff \
209 + match u8 0x05 0x0f at 0 \
210 + match u16 0x0000 0xffc0 at 2 \
211 + match u8 0x10 0xff at 33 \
216 + tc filter add dev $DEVICE parent 1:0 protocol ip \
217 + prio $PRIO_RULE u32 match ip protocol 1 0xff classid 1:$CLASS
220 + print " ssh-interactive"
221 + tc filter add dev $DEVICE parent 1:0 protocol ip \
222 + prio $PRIO_RULE u32 \
223 + match ip dport 22 0xffff \
224 + match ip tos 0x10 0xff classid 1:$CLASS
228 + tc filter add dev $DEVICE parent 1:0 protocol ip \
229 + prio $PRIO_RULE u32 \
230 + match ip dport 22 0xffff \
231 + match ip tos 0x08 0xff classid 1:$CLASS
236 [ "$1" = "compile" ] && echo