]> git.ipfire.org Git - ipfire-2.x.git/blame - config/qos/makeqosscripts.pl
projects / ipfire-2.x.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Geaendert:
[ipfire-2.x.git] / config / qos / makeqosscripts.pl
CommitLineData
84cab473
MT		 1#!/usr/bin/perl
2#
3# IPFire Scripts
4#
5# This code is distributed under the terms of the GPL
6#
7# (c) The IPFire Team
8#
9
10use strict;
11# enable only the following on debugging purpose
12use warnings;
13
14require '/var/ipfire/general-functions.pl';
15require "${General::swroot}/lang.pl";
16require "${General::swroot}/header.pl";
17
18my %qossettings = ();
19my %checked = ();
20my %netsettings = ();
21my $message = "";
22my $errormessage = "";
23my $c = "";
24my $direntry = "";
25my $classentry = "";
26my $subclassentry = "";
27my $l7ruleentry = "";
28my $portruleentry = "";
29my @tmp = ();
30my @classes = ();
31my @subclasses = ();
32my @l7rules = ();
33my @portrules = ();
34my @tmpline = ();
35my @classline = ();
36my @subclassline = ();
37my @l7ruleline = ();
38my @portruleline = ();
39my @proto = ();
40my %selected= () ;
41my $classfile = "/var/ipfire/qos/classes";
42my $subclassfile = "/var/ipfire/qos/subclasses";
43my $level7file = "/var/ipfire/qos/level7config";
44my $portfile = "/var/ipfire/qos/portconfig";
45
46&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
47
48$qossettings{'ENABLED'} = 'off';
49$qossettings{'EDIT'} = 'no';
50$qossettings{'OUT_SPD'} = '';
51$qossettings{'INC_SPD'} = '';
52$qossettings{'DEF_OUT_SPD'} = '';
53$qossettings{'DEF_INC_SPD'} = '';
54$qossettings{'DEFCLASS_INC'} = '';
55$qossettings{'DEFCLASS_OUT'} = '';
56$qossettings{'ACK'} = '';
57$qossettings{'MTU'} = '1492';
58$qossettings{'RED_DEV'} = `cat /var/ipfire/red/iface`;
59$qossettings{'IMQ_DEV'} = 'imq0';
60$qossettings{'VALID'} = 'yes';
61
62&General::readhash("${General::swroot}/qos/settings", \%qossettings);
63
64open( FILE, "< $classfile" ) or die "Unable to read $classfile";
65@classes = <FILE>;
66close FILE;
67open( FILE, "< $subclassfile" ) or die "Unable to read $subclassfile";
68@subclasses = <FILE>;
69close FILE;
70open( FILE, "< $level7file" ) or die "Unable to read $level7file";
71@l7rules = <FILE>;
72close FILE;
73open( FILE, "< $portfile" ) or die "Unable to read $portfile";
74@portrules = <FILE>;
75close FILE;
76
77############################################################################################################################
78############################################################################################################################
79
80print <<END
81#/bin/bash
82#################################################
83# This is an autocreated QoS-Script for #
84# IPFIRE #
85# Copyright by the IPFire Team (GPLv2) #
86# www.ipfire.org #
87#################################################
88
89### SYSTEMVARIABLES:
90# RED INTERFACE: $qossettings{'RED_DEV'}
91# IMQ DEVICE: $qossettings{'IMQ_DEV'}
92
93case "\$1" in
94
95 status)
4ed2816f
MT		 96 case "\$2" in
97 qdisc)
98 echo "[qdisc]"
99 tc -s qdisc show dev $qossettings{'RED_DEV'}
100 tc -s qdisc show dev $qossettings{'IMQ_DEV'}
101 exit 0
102 ;;
103 class)
104 echo "[class]"
105 tc -s class show dev $qossettings{'RED_DEV'}
106 tc -s class show dev $qossettings{'IMQ_DEV'}
107 exit 0
108 ;;
109 filter)
110 echo "[filter]"
111 tc -s filter show dev $qossettings{'RED_DEV'}
112 tc -s filter show dev $qossettings{'IMQ_DEV'}
113 exit 0
114 ;;
115 iptables)
116 echo "[iptables]"
117 iptables -t mangle -L QOS-OUT -v -x 2> /dev/null
118 iptables -t mangle -L QOS-INC -v -x 2> /dev/null
119 exit 0
120 ;;
121 esac
122 \$0 \$1 qdisc
123 \$0 \$1 class
124 \$0 \$1 filter
125 \$0 \$1 iptables
84cab473
MT		 126 exit 0
127 ;;
128 start)
84cab473
MT		 129 ###
130 ### $qossettings{'RED_DEV'}
131 ###
132
133 ### INIT KERNEL
134 modprobe sch_htb
135
136 ### SET QUEUE LENGTH & MTU - has just to be tested!!! IMPORTANT
137 ip link set dev $qossettings{'RED_DEV'} qlen $qossettings{'QLENGTH'}
138 ip link set dev $qossettings{'RED_DEV'} mtu $qossettings{'MTU'}
139
140 ### ADD HTB QDISC FOR $qossettings{'RED_DEV'}
141 tc qdisc add dev $qossettings{'RED_DEV'} root handle 1: htb default $qossettings{'DEFCLASS_OUT'}
142
143 ### MAIN RATE LIMIT
144 tc class add dev $qossettings{'RED_DEV'} parent 1: classid 1:1 htb rate $qossettings{'OUT_SPD'}kbit
145
146 ### CLASSES FOR $qossettings{'RED_DEV'}
147END
148;
149foreach $classentry (sort @classes)
150{
151 @classline = split( /\;/, $classentry );
152 if ($qossettings{'RED_DEV'} eq $classline[0]) {
153 $qossettings{'DEVICE'} = $classline[0];
154 $qossettings{'CLASS'} = $classline[1];
155 $qossettings{'PRIO'} = $classline[2];
156 $qossettings{'RATE'} = $classline[3];
157 $qossettings{'CEIL'} = $classline[4];
158 $qossettings{'BURST'} = $classline[5];
159 $qossettings{'CBURST'} = $classline[6];
160 print "\ttc class add dev $qossettings{'DEVICE'} parent 1:1 classid 1:$qossettings{'CLASS'} htb rate $qossettings{'RATE'}kbit ceil $qossettings{'CEIL'}kbit prio $qossettings{'PRIO'} ";
4ed2816f 161 if (($qossettings{'BURST'} ne '') && ($qossettings{'BURST'} ne 0)) {
84cab473
MT		 162 print "burst $qossettings{'BURST'}k ";
163 }
b684b13b 164 if (($qossettings{'CBURST'} ne '') && ($qossettings{'CBURST'} ne 0)) {
84cab473
MT		 165 print "cburst $qossettings{'CBURST'}k";
166 }
167 print "\n";
168 }
169}
170foreach $subclassentry (sort @subclasses) {
171 @subclassline = split( /\;/, $subclassentry );
92b5fba4
MT		 172 if ($qossettings{'RED_DEV'} eq $subclassline[0]) {
173 $qossettings{'DEVICE'} = $subclassline[0];
174 $qossettings{'CLASS'} = $subclassline[1];
175 $qossettings{'SCLASS'} = $subclassline[2];
176 $qossettings{'SPRIO'} = $subclassline[3];
177 $qossettings{'SRATE'} = $subclassline[4];
178 $qossettings{'SCEIL'} = $subclassline[5];
179 $qossettings{'SBURST'} = $subclassline[6];
180 $qossettings{'SCBURST'} = $subclassline[7];
181 print "\ttc class add dev $qossettings{'DEVICE'} parent 1:$qossettings{'CLASS'} classid 1:$qossettings{'SCLASS'} htb rate $qossettings{'SRATE'}kbit ceil $qossettings{'SCEIL'}kbit prio $qossettings{'SPRIO'} ";
182 if ($qossettings{'SBURST'} > 0) {
183 print "burst $qossettings{'SBURST'}k ";
184 }
185 if (($qossettings{'SCBURST'} ne '') && ($qossettings{'SCBURST'} ne 0)) {
186 print "cburst $qossettings{'CBURST'}k";
187 }
188 print "\n";
84cab473 189 }
84cab473
MT		 190}
191
192print "\n\t### ATTACH QDISC TO LEAF CLASSES\n";
193foreach $classentry (sort @classes)
194{
195 @classline = split( /\;/, $classentry );
196 if ($qossettings{'RED_DEV'} eq $classline[0]) {
197 $qossettings{'DEVICE'} = $classline[0];
198 $qossettings{'CLASS'} = $classline[1];
199 print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 1:$qossettings{'CLASS'} handle $qossettings{'CLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
200 }
201}
202foreach $subclassentry (sort @subclasses) {
203 @subclassline = split( /\;/, $subclassentry );
204 if ($qossettings{'RED_DEV'} eq $subclassline[0]) {
205 $qossettings{'DEVICE'} = $subclassline[0];
206 $qossettings{'SCLASS'} = $subclassline[2];
207 print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 1:$qossettings{'SCLASS'} handle $qossettings{'SCLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
208 }
209}
210print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
211foreach $classentry (sort @classes)
212{
213 @classline = split( /\;/, $classentry );
214 if ($qossettings{'RED_DEV'} eq $classline[0]) {
215 $qossettings{'DEVICE'} = $classline[0];
216 $qossettings{'CLASS'} = $classline[1];
217 print "\ttc filter add dev $qossettings{'DEVICE'} parent 1:0 prio 0 protocol ip handle $qossettings{'CLASS'} fw flowid 1:$qossettings{'CLASS'}\n";
218 }
219}
220foreach $subclassentry (sort @subclasses) {
221 @subclassline = split( /\;/, $subclassentry );
222 if ($qossettings{'RED_DEV'} eq $subclassline[0]) {
223 $qossettings{'DEVICE'} = $subclassline[0];
224 $qossettings{'CLASS'} = $subclassline[1];
225 $qossettings{'SCLASS'} = $subclassline[2];
92b5fba4 226 print "\ttc filter add dev $qossettings{'DEVICE'} parent 1:0 prio 0 protocol ip handle $qossettings{'SCLASS'} fw flowid 1:$qossettings{'SCLASS'}\n";
84cab473
MT		 227 }
228}
229print <<END
230
231 ### ADD QOS-OUT CHAIN TO THE MANGLE TABLE IN IPTABLES
232 iptables -t mangle -N QOS-OUT
233 iptables -t mangle -I POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-OUT
234
235 ### MARK ACKs
236 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j TOS --set-tos 4
237 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j MARK --set-mark $qossettings{'ACK'}
238 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j RETURN
239
240 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p icmp -m length --length 40:100 -j MARK --set-mark $qossettings{'ACK'}
241 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p icmp -m length --length 40:100 -j RETURN
242
243 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j TOS --set-tos 4
244 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j MARK --set-mark $qossettings{'ACK'}
245 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j RETURN
246
247 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j TOS --set-tos 4
248 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j MARK --set-mark $qossettings{'ACK'}
249 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j RETURN
250
251 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j TOS --set-tos 4
252 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j MARK --set-mark $qossettings{'ACK'}
253 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j RETURN
254
255 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j TOS --set-tos 4
256 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j MARK --set-mark $qossettings{'ACK'}
257 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j RETURN
258
259 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j TOS --set-tos 4
260 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j MARK --set-mark $qossettings{'ACK'}
261 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j RETURN
262
263 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j TOS --set-tos 4
264 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j MARK --set-mark $qossettings{'ACK'}
265 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j RETURN
266
267 ### SET LEVEL7-RULES
268END
269;
270 foreach $l7ruleentry (sort @l7rules)
271 {
272 @l7ruleline = split( /\;/, $l7ruleentry );
273 if ( $l7ruleline[1] eq $qossettings{'RED_DEV'} )
274 {
275 $qossettings{'CLASS'} = $l7ruleline[0];
276 $qossettings{'DEVICE'} = $l7ruleline[1];
277 $qossettings{'L7PROT'} = $l7ruleline[2];
278 $qossettings{'QIP'} = $l7ruleline[3];
279 $qossettings{'DIP'} = $l7ruleline[4];
4ed2816f 280 print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} ";
84cab473
MT		 281 if ($qossettings{'QIP'} ne ''){
282 print "-s $qossettings{'QIP'} ";
283 }
284 if ($qossettings{'DIP'} ne ''){
285 print "-d $qossettings{'DIP'} ";
286 }
287 print "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} -j MARK --set-mark $qossettings{'CLASS'}\n";
4ed2816f 288 print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} ";
b684b13b
MT		 289 if ($qossettings{'QIP'} ne ''){
290 print "-s $qossettings{'QIP'} ";
291 }
292 if ($qossettings{'DIP'} ne ''){
293 print "-d $qossettings{'DIP'} ";
294 }
295 print "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} -j RETURN\n";
84cab473
MT		 296 }
297 }
298
299print "\n\t### SET PORT-RULES\n";
300 foreach $portruleentry (sort @portrules)
301 {
302 @portruleline = split( /\;/, $portruleentry );
303 if ( $portruleline[1] eq $qossettings{'RED_DEV'} )
304 {
305 $qossettings{'CLASS'} = $portruleline[0];
306 $qossettings{'DEVICE'} = $portruleline[1];
307 $qossettings{'PPROT'} = $portruleline[2];
308 $qossettings{'QIP'} = $portruleline[3];
309 $qossettings{'QPORT'} = $portruleline[4];
310 $qossettings{'DIP'} = $portruleline[5];
311 $qossettings{'DPORT'} = $portruleline[6];
4ed2816f 312 print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} ";
84cab473
MT		 313 if ($qossettings{'QIP'} ne ''){
314 print "-s $qossettings{'QIP'} ";
315 }
316 if ($qossettings{'DIP'} ne ''){
317 print "-d $qossettings{'DIP'} ";
318 }
319 print "-p $qossettings{'PPROT'} ";
320 if (($qossettings{'QPORT'} ne '') || ($qossettings{'DPORT'} ne '')){
321 print "-m multiport ";
322 }
323 if ($qossettings{'QPORT'} ne ''){
324 print "--sport $qossettings{'QPORT'} ";
325 }
326 if ($qossettings{'DPORT'} ne ''){
327 print "--dport $qossettings{'DPORT'} ";
328 }
329 print "-j MARK --set-mark $qossettings{'CLASS'}\n";
4ed2816f 330 print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} ";
84cab473
MT		 331 if ($qossettings{'QIP'} ne ''){
332 print "-s $qossettings{'QIP'} ";
333 }
334 if ($qossettings{'DIP'} ne ''){
335 print "-d $qossettings{'DIP'} ";
336 }
337 print "-p $qossettings{'PPROT'} ";
338 if (($qossettings{'QPORT'} ne '') || ($qossettings{'DPORT'} ne '')){
339 print "-m multiport ";
340 }
341 if ($qossettings{'QPORT'} ne ''){
342 print "--sport $qossettings{'QPORT'} ";
343 }
344 if ($qossettings{'DPORT'} ne ''){
345 print "--dport $qossettings{'DPORT'} ";
346 }
347 print "-j RETURN\n\n";
348 }
349 }
350
351print <<END
352
353 ### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
b684b13b 354 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -m mark --mark 0 -j MARK --set-mark $qossettings{'DEFCLASS_OUT'}
84cab473
MT		 355
356 ###
357 ### $qossettings{'IMQ_DEV'}
358 ###
359
360 ### BRING UP $qossettings{'IMQ_DEV'}
b684b13b
MT		 361 if [ `lsmod | grep -q ipt_IMQ` ]; then
362 insmod ipt_IMQ
363 sleep 2
364 fi
84cab473
MT		 365 modprobe imq numdevs=1
366 ip link set $qossettings{'IMQ_DEV'} up
367
368 ### SET QUEUE LENGTH & MTU - has just to be tested!!! IMPORTANT
369 ip link set dev $qossettings{'IMQ_DEV'} qlen $qossettings{'QLENGTH'}
4ed2816f 370 # ip link set dev $qossettings{'IMQ_DEV'} mtu $qossettings{'MTU'}
84cab473
MT		 371
372 ### ADD HTB QDISC FOR $qossettings{'IMQ_DEV'}
373 tc qdisc add dev $qossettings{'IMQ_DEV'} root handle 2: htb default $qossettings{'DEFCLASS_INC'}
374
375 ### MAIN RATE LIMIT
376 tc class add dev $qossettings{'IMQ_DEV'} parent 2: classid 2:1 htb rate $qossettings{'INC_SPD'}kbit
377
378 ### CLASSES FOR $qossettings{'IMQ_DEV'}
379END
380;
381foreach $classentry (sort @classes)
382{
383 @classline = split( /\;/, $classentry );
384 if ($qossettings{'IMQ_DEV'} eq $classline[0]) {
385 $qossettings{'DEVICE'} = $classline[0];
386 $qossettings{'CLASS'} = $classline[1];
387 $qossettings{'PRIO'} = $classline[2];
388 $qossettings{'RATE'} = $classline[3];
389 $qossettings{'CEIL'} = $classline[4];
390 $qossettings{'BURST'} = $classline[5];
391 $qossettings{'CBURST'} = $classline[6];
392 print "\ttc class add dev $qossettings{'DEVICE'} parent 2:1 classid 2:$qossettings{'CLASS'} htb rate $qossettings{'RATE'}kbit ceil $qossettings{'CEIL'}kbit prio $qossettings{'PRIO'} ";
4ed2816f 393 if (($qossettings{'BURST'} ne '') && ($qossettings{'BURST'} ne 0)) {
84cab473
MT		 394 print "burst $qossettings{'BURST'}k ";
395 }
4ed2816f 396 if (($qossettings{'CBURST'} ne '') && ($qossettings{'CBURST'} ne 0)) {
84cab473
MT		 397 print "cburst $qossettings{'CBURST'}k";
398 }
399 print "\n";
400 }
401}
402foreach $subclassentry (sort @subclasses) {
403 @subclassline = split( /\;/, $subclassentry );
404 if ($qossettings{'IMQ_DEV'} eq $subclassline[0]) {
405 $qossettings{'DEVICE'} = $subclassline[0];
406 $qossettings{'CLASS'} = $subclassline[1];
407 $qossettings{'SCLASS'} = $subclassline[2];
408 $qossettings{'SPRIO'} = $subclassline[3];
409 $qossettings{'SRATE'} = $subclassline[4];
410 $qossettings{'SCEIL'} = $subclassline[5];
411 $qossettings{'SBURST'} = $subclassline[6];
412 $qossettings{'SCBURST'} = $subclassline[7];
413 print "\ttc class add dev $qossettings{'DEVICE'} parent 2:$qossettings{'CLASS'} classid 2:$qossettings{'SCLASS'} htb rate $qossettings{'SRATE'}kbit ceil $qossettings{'SCEIL'}kbit prio $qossettings{'SPRIO'} ";
414 if ($qossettings{'SBURST'} > 0) {
415 print "burst $qossettings{'SBURST'}k ";
416 }
4ed2816f 417 if (($qossettings{'SCBURST'} ne '') && ($qossettings{'SCBURST'} ne 0)) {
84cab473
MT		 418 print "cburst $qossettings{'CBURST'}k";
419 }
420 print "\n";
421 }
422}
423
424print "\n\t### ATTACH QDISC TO LEAF CLASSES\n";
425foreach $classentry (sort @classes)
426{
427 @classline = split( /\;/, $classentry );
428 if ($qossettings{'IMQ_DEV'} eq $classline[0]) {
429 $qossettings{'DEVICE'} = $classline[0];
430 $qossettings{'CLASS'} = $classline[1];
431 print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 2:$qossettings{'CLASS'} handle $qossettings{'CLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
432 }
433}
434foreach $subclassentry (sort @subclasses) {
435 @subclassline = split( /\;/, $subclassentry );
436 if ($qossettings{'IMQ_DEV'} eq $subclassline[0]) {
437 $qossettings{'DEVICE'} = $subclassline[0];
438 $qossettings{'SCLASS'} = $subclassline[2];
439 print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 2:$qossettings{'SCLASS'} handle $qossettings{'SCLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
440 }
441}
442print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
443foreach $classentry (sort @classes)
444{
445 @classline = split( /\;/, $classentry );
446 if ($qossettings{'IMQ_DEV'} eq $classline[0]) {
447 $qossettings{'DEVICE'} = $classline[0];
448 $qossettings{'CLASS'} = $classline[1];
449 print "\ttc filter add dev $qossettings{'DEVICE'} parent 2:0 prio 0 protocol ip handle $qossettings{'CLASS'} fw flowid 2:$qossettings{'CLASS'}\n";
450 }
451}
452foreach $subclassentry (sort @subclasses) {
453 @subclassline = split( /\;/, $subclassentry );
454 if ($qossettings{'IMQ_DEV'} eq $subclassline[0]) {
455 $qossettings{'DEVICE'} = $subclassline[0];
456 $qossettings{'CLASS'} = $subclassline[1];
457 $qossettings{'SCLASS'} = $subclassline[2];
92b5fba4 458 print "\ttc filter add dev $qossettings{'DEVICE'} parent 2:0 prio 0 protocol ip handle $qossettings{'SCLASS'} fw flowid 2:$qossettings{'SCLASS'}\n";
84cab473
MT		 459 }
460}
461print <<END
462
4ed2816f 463 ### ADD QOS-INC CHAIN TO THE MANGLE TABLE IN IPTABLES
84cab473 464 iptables -t mangle -N QOS-INC
b684b13b
MT		 465 iptables -t mangle -A PREROUTING -i $qossettings{'RED_DEV'} -j IMQ --todev 0
466 iptables -t mangle -I PREROUTING -i $qossettings{'RED_DEV'} -j QOS-INC
467
84cab473
MT		 468 ### SET LEVEL7-RULES
469END
470;
471 foreach $l7ruleentry (sort @l7rules)
472 {
473 @l7ruleline = split( /\;/, $l7ruleentry );
474 if ( $l7ruleline[1] eq $qossettings{'IMQ_DEV'} )
475 {
476 $qossettings{'CLASS'} = $l7ruleline[0];
477 $qossettings{'DEVICE'} = $l7ruleline[1];
478 $qossettings{'L7PROT'} = $l7ruleline[2];
479 $qossettings{'QIP'} = $l7ruleline[3];
480 $qossettings{'DIP'} = $l7ruleline[4];
4ed2816f 481 print "\tiptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} ";
84cab473
MT		 482 if ($qossettings{'QIP'} ne ''){
483 print "-s $qossettings{'QIP'} ";
484 }
485 if ($qossettings{'DIP'} ne ''){
486 print "-d $qossettings{'DIP'} ";
487 }
488 print "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} -j MARK --set-mark $qossettings{'CLASS'}\n";
4ed2816f 489 print "\tiptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} ";
b684b13b
MT		 490 if ($qossettings{'QIP'} ne ''){
491 print "-s $qossettings{'QIP'} ";
492 }
493 if ($qossettings{'DIP'} ne ''){
494 print "-d $qossettings{'DIP'} ";
495 }
496 print "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} -j RETURN\n";
84cab473
MT		 497 }
498 }
499
500print "\n\t### SET PORT-RULES\n";
501 foreach $portruleentry (sort @portrules)
502 {
503 @portruleline = split( /\;/, $portruleentry );
504 if ( $portruleline[1] eq $qossettings{'IMQ_DEV'} )
505 {
506 $qossettings{'CLASS'} = $portruleline[0];
507 $qossettings{'DEVICE'} = $portruleline[1];
508 $qossettings{'PPROT'} = $portruleline[2];
509 $qossettings{'QIP'} = $portruleline[3];
510 $qossettings{'QPORT'} = $portruleline[4];
511 $qossettings{'DIP'} = $portruleline[5];
512 $qossettings{'DPORT'} = $portruleline[6];
4ed2816f 513 print "\tiptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} ";
84cab473
MT		 514 if ($qossettings{'QIP'} ne ''){
515 print "-s $qossettings{'QIP'} ";
516 }
517 if ($qossettings{'DIP'} ne ''){
518 print "-d $qossettings{'DIP'} ";
519 }
520 print "-p $qossettings{'PPROT'} ";
521 if (($qossettings{'QPORT'} ne '') || ($qossettings{'DPORT'} ne '')){
522 print "-m multiport ";
523 }
524 if ($qossettings{'QPORT'} ne ''){
525 print "--sport $qossettings{'QPORT'} ";
526 }
527 if ($qossettings{'DPORT'} ne ''){
528 print "--dport $qossettings{'DPORT'} ";
529 }
530 print "-j MARK --set-mark $qossettings{'CLASS'}\n";
4ed2816f 531 print "\tiptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} ";
84cab473
MT		 532 if ($qossettings{'QIP'} ne ''){
533 print "-s $qossettings{'QIP'} ";
534 }
535 if ($qossettings{'DIP'} ne ''){
536 print "-d $qossettings{'DIP'} ";
537 }
538 print "-p $qossettings{'PPROT'} ";
539 if (($qossettings{'QPORT'} ne '') || ($qossettings{'DPORT'} ne '')){
540 print "-m multiport ";
541 }
542 if ($qossettings{'QPORT'} ne ''){
543 print "--sport $qossettings{'QPORT'} ";
544 }
545 if ($qossettings{'DPORT'} ne ''){
546 print "--dport $qossettings{'DPORT'} ";
547 }
548 print "-j RETURN\n\n";
549 }
550 }
551
552print <<END
84cab473 553 ### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
4ed2816f 554 iptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} -m mark --mark 0 -j MARK --set-mark $qossettings{'DEFCLASS_INC'}
84cab473 555
363fb6af
MT		 556 ## STARTING COLLECTOR
557 /usr/local/bin/qosd $qossettings{'RED_DEV'} >/dev/null 2>&1
558 /usr/local/bin/qosd $qossettings{'IMQ_DEV'} >/dev/null 2>&1
559
84cab473
MT		 560 echo "Quality of Service was successfully started!"
561 exit 0
562 ;;
4ed2816f 563 clear|stop)
84cab473 564 ### RESET EVERYTHING TO A KNOWN STATE
363fb6af 565 killall -9 qosd
84cab473 566 # DELETE QDISCS
b684b13b
MT		 567 tc qdisc del dev $qossettings{'RED_DEV'} root
568 tc qdisc del dev $qossettings{'IMQ_DEV'} root
4ed2816f
MT		 569 # STOP IMQ-DEVICE
570 ip link set $qossettings{'IMQ_DEV'} down
571 iptables -t mangle --delete PREROUTING -i $qossettings{'RED_DEV'} -j IMQ --todev 0
572 rmmod imq
84cab473 573 # REMOVE & FLUSH CHAINS
b684b13b
MT		 574 iptables -t mangle --delete POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-OUT
575 iptables -t mangle --flush QOS-OUT
576 iptables -t mangle --delete-chain QOS-OUT
4ed2816f 577 iptables -t mangle --delete PREROUTING -i $qossettings{'RED_DEV'} -j QOS-INC
b684b13b
MT		 578 iptables -t mangle --flush QOS-INC
579 iptables -t mangle --delete-chain QOS-INC
b684b13b 580 rmmod sch_htb
84cab473
MT		 581 echo "Quality of Service was successfully cleared!"
582 ;;
4ed2816f 583 gen|generate)
b684b13b
MT		 584 echo -n "Generateing the QoS-Scripts..."
585 /usr/bin/perl /var/ipfire/qos/bin/makeqosscripts.pl > /var/ipfire/qos/bin/qos.sh
586 echo ".Done!"
587 exit 0
588 ;;
4ed2816f
MT		 589 restart)
590 ### FIRST CLEAR EVERYTHING
591 \$0 clear
592
593 ### THEN START
594 \$0 start
595 ;;
84cab473
MT		 596esac
597### EOF
598END
599;
600
601############################################################################################################################
602############################################################################################################################
IPFire 2.x development tree