1 #!/usr/bin/perl
2 #
3 # IPFire Scripts
4 #
5 # This code is distributed under the terms of the GPL
6 #
7 # (c) The IPFire Team
8 #
9
10 use strict;
11 # enable only the following on debugging purpose
12 use warnings;
13
14 require '/var/ipfire/general-functions.pl';
15 require "${General::swroot}/lang.pl";
16 require "${General::swroot}/header.pl";
17
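# Scratch variables for the generator.
# NOTE(review): %checked, $message, $errormessage, $c, $direntry, @tmp,
# @tmpline, @proto and %selected are not referenced anywhere in this listing;
# they are kept so that nothing which still names them breaks under
# "use strict".
my %qossettings = ();
my %checked = ();
my %netsettings = ();
my $message = "";
my $errormessage = "";
my $c = "";
my $direntry = "";
my $classentry = "";
my $subclassentry = "";
my $l7ruleentry = "";
my $portruleentry = "";
my @tmp = ();
my @classes = ();
my @subclasses = ();
my @l7rules = ();
my @portrules = ();
my @tmpline = ();
my @classline = ();
my @subclassline = ();
my @l7ruleline = ();
my @portruleline = ();
my @proto = ();
my %selected = ();

# Input files.  Each line is a ';'-separated record that is later pasted
# into tc / iptables command lines of the generated shell script.
my $classfile    = "/var/ipfire/qos/classes";
my $subclassfile = "/var/ipfire/qos/subclasses";
my $level7file   = "/var/ipfire/qos/level7config";
my $portfile     = "/var/ipfire/qos/portconfig";

&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);

# Defaults; anything present in the qos settings file overrides them below.
$qossettings{'ENABLED'} = 'off';
$qossettings{'EDIT'} = 'no';
$qossettings{'OUT_SPD'} = '';
$qossettings{'INC_SPD'} = '';
$qossettings{'DEF_OUT_SPD'} = '';
$qossettings{'DEF_INC_SPD'} = '';
$qossettings{'DEFCLASS_INC'} = '';
$qossettings{'DEFCLASS_OUT'} = '';
$qossettings{'ACK'} = '';
$qossettings{'MTU'} = '1492';

# Name of the RED interface.  Read the file directly rather than through
# `cat`: no shell is spawned, and the trailing newline is removed so that the
# name compares equal to the device field of the rule files and does not
# split the generated command lines.  A missing file leaves the name empty,
# which is what the backtick form produced as well.
$qossettings{'RED_DEV'} = '';
if (open(my $iface_fh, '<', '/var/ipfire/red/iface')) {
    my $iface = <$iface_fh>;
    close $iface_fh;
    if (defined $iface) {
        chomp $iface;
        $qossettings{'RED_DEV'} = $iface;
    }
}
$qossettings{'IMQ_DEV'} = 'imq0';
$qossettings{'VALID'} = 'yes';

&General::readhash("${General::swroot}/qos/settings", \%qossettings);

# Every setting listed here is interpolated unquoted into the generated
# shell script, which runs modprobe, tc and iptables.  A value containing
# whitespace or shell metacharacters would become part of those command
# lines, so fail closed instead of writing such a script.
for my $key (qw(RED_DEV IMQ_DEV QLENGTH MTU OUT_SPD INC_SPD
                DEFCLASS_OUT DEFCLASS_INC ACK SFQ_PERTUB)) {
    my $value = $qossettings{$key};
    next unless defined $value;
    die "Refusing to generate the QoS script: unexpected characters in setting $key\n"
        if $value !~ /\A[A-Za-z0-9_.:-]*\z/;
}

# Read a whole file into a list of lines.  Three-argument open with a
# lexical handle; the OS error is included in the message.
my $read_lines = sub {
    my ($path) = @_;
    open(my $fh, '<', $path) or die "Unable to read $path: $!";
    my @lines = <$fh>;
    close $fh;
    return @lines;
};

@classes    = $read_lines->($classfile);
@subclasses = $read_lines->($subclassfile);
@l7rules    = $read_lines->($level7file);
@portrules  = $read_lines->($portfile);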
76
77 ############################################################################################################################
78 ############################################################################################################################
79
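# Emit the head of the generated script: the "status" branch and the first
# part of the "start" branch (kernel module, queue length/MTU, root HTB qdisc
# and main rate class on the RED device).
#
# The first output line is now a real interpreter line ("#!"); the original
# "#/bin/bash" was only a comment, so the interpreter depended on how the
# script was invoked.
#
# Every $qossettings{...} value below lands unquoted in a shell command, so
# the settings must be restricted to plain device names and numbers before
# this point.  QLENGTH is not among the defaults assigned in this file;
# NOTE(review): it presumably comes from the qos settings file - confirm.
print <<"END";
#!/bin/bash
#################################################
# This is an autocreated QoS-Script for #
# IPFIRE #
# Copyright by the IPFire Team (GPLv2) #
# www.ipfire.org #
#################################################

### SYSTEMVARIABLES:
# RED INTERFACE: $qossettings{'RED_DEV'}
# IMQ DEVICE: $qossettings{'IMQ_DEV'}

case "\$1" in

  status)
	case "\$2" in
	  qdisc)
		echo "[qdisc]"
		tc -s qdisc show dev $qossettings{'RED_DEV'}
		tc -s qdisc show dev $qossettings{'IMQ_DEV'}
		exit 0
	  ;;
	  class)
		echo "[class]"
		tc -s class show dev $qossettings{'RED_DEV'}
		tc -s class show dev $qossettings{'IMQ_DEV'}
		exit 0
	  ;;
	  filter)
		echo "[filter]"
		tc -s filter show dev $qossettings{'RED_DEV'}
		tc -s filter show dev $qossettings{'IMQ_DEV'}
		exit 0
	  ;;
	  iptables)
		echo "[iptables]"
		iptables -t mangle -L QOS-OUT -v -x 2> /dev/null
		iptables -t mangle -L QOS-INC -v -x 2> /dev/null
		exit 0
	  ;;
	esac
	\$0 \$1 qdisc
	\$0 \$1 class
	\$0 \$1 filter
	\$0 \$1 iptables
	exit 0
  ;;
  start)
	###
	### $qossettings{'RED_DEV'}
	###

	### INIT KERNEL
	modprobe sch_htb

	### SET QUEUE LENGTH & MTU - has just to be tested!!! IMPORTANT
	ip link set dev $qossettings{'RED_DEV'} qlen $qossettings{'QLENGTH'}
	ip link set dev $qossettings{'RED_DEV'} mtu $qossettings{'MTU'}

	### ADD HTB QDISC FOR $qossettings{'RED_DEV'}
	tc qdisc add dev $qossettings{'RED_DEV'} root handle 1: htb default $qossettings{'DEFCLASS_OUT'}

	### MAIN RATE LIMIT
	tc class add dev $qossettings{'RED_DEV'} parent 1: classid 1:1 htb rate $qossettings{'OUT_SPD'}kbit

	### CLASSES FOR $qossettings{'RED_DEV'}
END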
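# Emit the HTB class tree, the leaf qdiscs and the fw filters for the RED
# (outgoing) device, all under root handle 1:.
#
# Changes against the previous version of this section:
#   * subclasses are now restricted to the RED device in the first loop too
#     (it used to emit "tc class add" for every subclass, whatever its device);
#   * the subclass cburst value is taken from the subclass record (the old
#     code tested SCBURST but printed the CBURST left over from the last class);
#   * records are chomped before splitting, and any record whose used fields
#     contain characters outside [A-Za-z0-9_.:-] is skipped with a warning on
#     STDERR.  The fields are pasted unquoted into a shell script that runs
#     tc, so whoever can write the class files would otherwise control the
#     commands that script executes.
{
    my $red_dev = $qossettings{'RED_DEV'};
    my $perturb = $qossettings{'SFQ_PERTUB'};

    # Return the records of @lines (sorted as before) that belong to the RED
    # device, each as an array ref holding its first $used fields.
    my $rows_for = sub {
        my ($file, $used, @lines) = @_;
        my @rows;
        ENTRY:
        for my $line (sort @lines) {
            chomp(my $entry = $line);
            my @all   = split(/;/, $entry, -1);
            my @field = map { defined $_ ? $_ : '' } @all[0 .. $used - 1];
            next ENTRY if $field[0] eq '' || $field[0] ne $red_dev;
            for my $value (@field) {
                if ($value !~ /\A[A-Za-z0-9_.:-]*\z/) {
                    warn "$file: skipping an entry for $red_dev, unexpected characters in a field\n";
                    next ENTRY;
                }
            }
            push @rows, \@field;
        }
        return @rows;
    };

    # classes:    device;class;prio;rate;ceil;burst;cburst
    # subclasses: device;class;subclass;prio;rate;ceil;burst;cburst
    my @class_rows    = $rows_for->($classfile,    7, @classes);
    my @subclass_rows = $rows_for->($subclassfile, 8, @subclasses);

    for my $row (@class_rows) {
        my ($device, $class, $prio, $rate, $ceil, $burst, $cburst) = @$row;
        print "\ttc class add dev $device parent 1:1 classid 1:$class htb rate ${rate}kbit ceil ${ceil}kbit prio $prio ";
        print "burst ${burst}k " if $burst ne '' && $burst ne '0';
        print "cburst ${cburst}k" if $cburst ne '' && $cburst ne '0';
        print "\n";
    }
    for my $row (@subclass_rows) {
        my ($device, $class, $sclass, $sprio, $srate, $sceil, $sburst, $scburst) = @$row;
        print "\ttc class add dev $device parent 1:$class classid 1:$sclass htb rate ${srate}kbit ceil ${sceil}kbit prio $sprio ";
        print "burst ${sburst}k " if $sburst ne '' && $sburst ne '0';
        print "cburst ${scburst}k" if $scburst ne '' && $scburst ne '0';
        print "\n";
    }

    print "\n\t### ATTACH QDISC TO LEAF CLASSES\n";
    for my $row (@class_rows) {
        my ($device, $class) = @$row;
        print "\ttc qdisc add dev $device parent 1:$class handle ${class}: sfq perturb $perturb\n";
    }
    for my $row (@subclass_rows) {
        my ($device, $sclass) = @{$row}[0, 2];
        print "\ttc qdisc add dev $device parent 1:$sclass handle ${sclass}: sfq perturb $perturb\n";
    }

    print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
    for my $row (@class_rows) {
        my ($device, $class) = @$row;
        print "\ttc filter add dev $device parent 1:0 prio 0 protocol ip handle $class fw flowid 1:$class\n";
    }
    for my $row (@subclass_rows) {
        my ($device, $class, $sclass) = @$row;
        print "\ttc filter add dev $device parent 1:$class prio 0 protocol ip handle $sclass fw flowid 1:$sclass\n";
    }
}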
# Emit the QOS-OUT chain in the mangle table and the rules that give short
# control packets (SYN, ACK, RST, FIN, small ICMP) the ACK mark.  Each match
# gets a MARK rule followed by a RETURN rule; the TCP matches are preceded by
# a "TOS --set-tos 4" rule.
#
# RED_DEV and ACK are written unquoted into the generated shell script.
{
    my $red_dev  = $qossettings{'RED_DEV'};
    my $ack_mark = $qossettings{'ACK'};
    my $append   = "\tiptables -t mangle -A QOS-OUT -o $red_dev";

    # [ match expression, true when a TOS rule precedes the MARK rule ]
    my @marked = (
        [ '-p tcp --tcp-flags SYN,RST SYN',                          1 ],
        [ '-p icmp -m length --length 40:100',                       0 ],
        [ '-p tcp --syn -m length --length 40:68',                   1 ],
        [ '-p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68', 1 ],
        [ '-p tcp --tcp-flags ALL ACK -m length --length 40:100',    1 ],
        [ '-p tcp --tcp-flags ALL RST',                              1 ],
        [ '-p tcp --tcp-flags ALL ACK,RST',                          1 ],
        [ '-p tcp --tcp-flags ALL ACK,FIN',                          1 ],
    );

    print "\n";
    print "\t### ADD QOS-OUT CHAIN TO THE MANGLE TABLE IN IPTABLES\n";
    print "\tiptables -t mangle -N QOS-OUT\n";
    print "\tiptables -t mangle -I POSTROUTING -o $red_dev -j QOS-OUT\n";
    print "\n";
    print "\t### MARK ACKs\n";
    for my $spec (@marked) {
        my ($match, $set_tos) = @$spec;
        print "$append $match -j TOS --set-tos 4\n" if $set_tos;
        print "$append $match -j MARK --set-mark $ack_mark\n";
        print "$append $match -j RETURN\n";
        print "\n";
    }
    print "\t### SET LEVEL7-RULES\n";
}
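# Emit the outgoing (QOS-OUT) layer7 and port rules for the RED device.
# Every rule produces two iptables lines with the same match: one that sets
# the class mark and one that RETURNs.
#
# Records are chomped before splitting, and a record whose used fields
# contain characters outside [A-Za-z0-9_.:,/-] is skipped with a warning on
# STDERR.  The fields are pasted unquoted into a shell script that runs
# iptables, so whoever can write the rule files would otherwise control the
# commands that script executes.
{
    my $red_dev = $qossettings{'RED_DEV'};
    my $append  = "\tiptables -t mangle -A QOS-OUT -o $red_dev ";

    # Return the records of @lines (sorted as before) whose device field
    # (index 1) is the RED device, each as an array ref of $used fields.
    my $rows_for = sub {
        my ($file, $used, @lines) = @_;
        my @rows;
        ENTRY:
        for my $line (sort @lines) {
            chomp(my $entry = $line);
            my @all   = split(/;/, $entry, -1);
            my @field = map { defined $_ ? $_ : '' } @all[0 .. $used - 1];
            next ENTRY if $field[1] eq '' || $field[1] ne $red_dev;
            for my $value (@field) {
                if ($value !~ m{\A[A-Za-z0-9_.:,/-]*\z}) {
                    warn "$file: skipping an entry for $red_dev, unexpected characters in a field\n";
                    next ENTRY;
                }
            }
            push @rows, \@field;
        }
        return @rows;
    };

    # level7config: class;device;l7proto;source ip;destination ip
    for my $row ($rows_for->($level7file, 5, @l7rules)) {
        my ($class, undef, $l7prot, $qip, $dip) = @$row;
        my $match = '';
        $match .= "-s $qip " if $qip ne '';
        $match .= "-d $dip " if $dip ne '';
        $match .= "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $l7prot ";
        print $append . $match . "-j MARK --set-mark $class\n";
        print $append . $match . "-j RETURN\n";
    }

    print "\n\t### SET PORT-RULES\n";

    # portconfig: class;device;protocol;source ip;source port;dest ip;dest port
    for my $row ($rows_for->($portfile, 7, @portrules)) {
        my ($class, undef, $pprot, $qip, $qport, $dip, $dport) = @$row;
        my $match = '';
        $match .= "-s $qip " if $qip ne '';
        $match .= "-d $dip " if $dip ne '';
        $match .= "-p $pprot ";
        $match .= "-m multiport " if $qport ne '' || $dport ne '';
        $match .= "--sport $qport " if $qport ne '';
        $match .= "--dport $dport " if $dport ne '';
        print $append . $match . "-j MARK --set-mark $class\n";
        print $append . $match . "-j RETURN\n\n";
    }
}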
348
# Finish the outgoing side (default mark for unmarked packets) and start the
# incoming side: bring up the IMQ device, set its queue length, add its root
# HTB qdisc (handle 2:) and the main rate class.
#
# NOTE(review): in the generated shell, "grep -q" prints nothing, so the
# command substitution inside "[ ... ]" is always empty and the test always
# fails; as written the "insmod ipt_IMQ" branch is never taken.  Left as is
# here because the output of this block must not change.
#
# All values below are written unquoted into the generated shell script.
{
    my ($red_dev, $imq_dev) = @qossettings{qw(RED_DEV IMQ_DEV)};
    my $default_out = $qossettings{'DEFCLASS_OUT'};
    my $default_inc = $qossettings{'DEFCLASS_INC'};
    my $qlength     = $qossettings{'QLENGTH'};
    my $mtu         = $qossettings{'MTU'};
    my $inc_spd     = $qossettings{'INC_SPD'};

    print <<"END";

	### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
	iptables -t mangle -A QOS-OUT -o $red_dev -m mark --mark 0 -j MARK --set-mark $default_out

	###
	### $imq_dev
	###

	### BRING UP $imq_dev
	if [ `lsmod | grep -q ipt_IMQ` ]; then
		insmod ipt_IMQ
		sleep 2
	fi
	modprobe imq numdevs=1
	ip link set $imq_dev up

	### SET QUEUE LENGTH & MTU - has just to be tested!!! IMPORTANT
	ip link set dev $imq_dev qlen $qlength
	# ip link set dev $imq_dev mtu $mtu

	### ADD HTB QDISC FOR $imq_dev
	tc qdisc add dev $imq_dev root handle 2: htb default $default_inc

	### MAIN RATE LIMIT
	tc class add dev $imq_dev parent 2: classid 2:1 htb rate ${inc_spd}kbit

	### CLASSES FOR $imq_dev
END
}
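# Emit the HTB class tree, the leaf qdiscs and the fw filters for the IMQ
# (incoming) device, all under root handle 2:.
#
# Changes against the previous version of this section:
#   * the subclass cburst value is taken from the subclass record (the old
#     code tested SCBURST but printed the CBURST left over from the last class);
#   * records are chomped before splitting, and any record whose used fields
#     contain characters outside [A-Za-z0-9_.:-] is skipped with a warning on
#     STDERR.  The fields are pasted unquoted into a shell script that runs
#     tc, so whoever can write the class files would otherwise control the
#     commands that script executes.
{
    my $imq_dev = $qossettings{'IMQ_DEV'};
    my $perturb = $qossettings{'SFQ_PERTUB'};

    # Return the records of @lines (sorted as before) that belong to the IMQ
    # device, each as an array ref holding its first $used fields.
    my $rows_for = sub {
        my ($file, $used, @lines) = @_;
        my @rows;
        ENTRY:
        for my $line (sort @lines) {
            chomp(my $entry = $line);
            my @all   = split(/;/, $entry, -1);
            my @field = map { defined $_ ? $_ : '' } @all[0 .. $used - 1];
            next ENTRY if $field[0] eq '' || $field[0] ne $imq_dev;
            for my $value (@field) {
                if ($value !~ /\A[A-Za-z0-9_.:-]*\z/) {
                    warn "$file: skipping an entry for $imq_dev, unexpected characters in a field\n";
                    next ENTRY;
                }
            }
            push @rows, \@field;
        }
        return @rows;
    };

    # classes:    device;class;prio;rate;ceil;burst;cburst
    # subclasses: device;class;subclass;prio;rate;ceil;burst;cburst
    my @class_rows    = $rows_for->($classfile,    7, @classes);
    my @subclass_rows = $rows_for->($subclassfile, 8, @subclasses);

    for my $row (@class_rows) {
        my ($device, $class, $prio, $rate, $ceil, $burst, $cburst) = @$row;
        print "\ttc class add dev $device parent 2:1 classid 2:$class htb rate ${rate}kbit ceil ${ceil}kbit prio $prio ";
        print "burst ${burst}k " if $burst ne '' && $burst ne '0';
        print "cburst ${cburst}k" if $cburst ne '' && $cburst ne '0';
        print "\n";
    }
    for my $row (@subclass_rows) {
        my ($device, $class, $sclass, $sprio, $srate, $sceil, $sburst, $scburst) = @$row;
        print "\ttc class add dev $device parent 2:$class classid 2:$sclass htb rate ${srate}kbit ceil ${sceil}kbit prio $sprio ";
        print "burst ${sburst}k " if $sburst ne '' && $sburst ne '0';
        print "cburst ${scburst}k" if $scburst ne '' && $scburst ne '0';
        print "\n";
    }

    print "\n\t### ATTACH QDISC TO LEAF CLASSES\n";
    for my $row (@class_rows) {
        my ($device, $class) = @$row;
        print "\ttc qdisc add dev $device parent 2:$class handle ${class}: sfq perturb $perturb\n";
    }
    for my $row (@subclass_rows) {
        my ($device, $sclass) = @{$row}[0, 2];
        print "\ttc qdisc add dev $device parent 2:$sclass handle ${sclass}: sfq perturb $perturb\n";
    }

    print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
    for my $row (@class_rows) {
        my ($device, $class) = @$row;
        print "\ttc filter add dev $device parent 2:0 prio 0 protocol ip handle $class fw flowid 2:$class\n";
    }
    for my $row (@subclass_rows) {
        my ($device, $class, $sclass) = @$row;
        print "\ttc filter add dev $device parent 2:$class prio 0 protocol ip handle $sclass fw flowid 2:$sclass\n";
    }
}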
# Emit the QOS-INC chain: traffic arriving on the RED device is handed to the
# IMQ target and passed through QOS-INC.
#
# NOTE(review): the IMQ rule names the device by number ("--todev 0") while
# every tc command uses $qossettings{'IMQ_DEV'}; the two agree for the
# default 'imq0' set in this file - confirm what happens if IMQ_DEV is
# overridden in the settings.
{
    my $red_dev = $qossettings{'RED_DEV'};

    print <<"END";

	### ADD QOS-INC CHAIN TO THE MANGLE TABLE IN IPTABLES
	iptables -t mangle -N QOS-INC
	iptables -t mangle -A PREROUTING -i $red_dev -j IMQ --todev 0
	iptables -t mangle -I PREROUTING -i $red_dev -j QOS-INC

	### SET LEVEL7-RULES
END
}
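# Emit the incoming (QOS-INC) layer7 and port rules.  Records are selected by
# the IMQ device name, but the iptables rules match on the RED interface
# ("-i RED_DEV"), as in the previous version.  Every rule produces two
# iptables lines with the same match: one that sets the class mark and one
# that RETURNs.
#
# Records are chomped before splitting, and a record whose used fields
# contain characters outside [A-Za-z0-9_.:,/-] is skipped with a warning on
# STDERR.  The fields are pasted unquoted into a shell script that runs
# iptables, so whoever can write the rule files would otherwise control the
# commands that script executes.
{
    my $red_dev = $qossettings{'RED_DEV'};
    my $imq_dev = $qossettings{'IMQ_DEV'};
    my $append  = "\tiptables -t mangle -A QOS-INC -i $red_dev ";

    # Return the records of @lines (sorted as before) whose device field
    # (index 1) is the IMQ device, each as an array ref of $used fields.
    my $rows_for = sub {
        my ($file, $used, @lines) = @_;
        my @rows;
        ENTRY:
        for my $line (sort @lines) {
            chomp(my $entry = $line);
            my @all   = split(/;/, $entry, -1);
            my @field = map { defined $_ ? $_ : '' } @all[0 .. $used - 1];
            next ENTRY if $field[1] eq '' || $field[1] ne $imq_dev;
            for my $value (@field) {
                if ($value !~ m{\A[A-Za-z0-9_.:,/-]*\z}) {
                    warn "$file: skipping an entry for $imq_dev, unexpected characters in a field\n";
                    next ENTRY;
                }
            }
            push @rows, \@field;
        }
        return @rows;
    };

    # level7config: class;device;l7proto;source ip;destination ip
    for my $row ($rows_for->($level7file, 5, @l7rules)) {
        my ($class, undef, $l7prot, $qip, $dip) = @$row;
        my $match = '';
        $match .= "-s $qip " if $qip ne '';
        $match .= "-d $dip " if $dip ne '';
        $match .= "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $l7prot ";
        print $append . $match . "-j MARK --set-mark $class\n";
        print $append . $match . "-j RETURN\n";
    }

    print "\n\t### SET PORT-RULES\n";

    # portconfig: class;device;protocol;source ip;source port;dest ip;dest port
    for my $row ($rows_for->($portfile, 7, @portrules)) {
        my ($class, undef, $pprot, $qip, $qport, $dip, $dport) = @$row;
        my $match = '';
        $match .= "-s $qip " if $qip ne '';
        $match .= "-d $dip " if $dip ne '';
        $match .= "-p $pprot ";
        $match .= "-m multiport " if $qport ne '' || $dport ne '';
        $match .= "--sport $qport " if $qport ne '';
        $match .= "--dport $dport " if $dport ne '';
        print $append . $match . "-j MARK --set-mark $class\n";
        print $append . $match . "-j RETURN\n\n";
    }
}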
549
# Emit the tail of the generated script: the default mark for unmarked
# incoming packets, the end of the "start" branch, and the "clear|stop",
# "gen|generate" and "restart" branches.
#
# NOTE(review): the "gen" branch redirects this generator's output straight
# into /var/ipfire/qos/bin/qos.sh, i.e. the generated script overwrites
# itself while it is running, and the redirection truncates the file before
# the generator has produced anything.  If the generator dies, qos.sh is left
# empty or partial.  Writing to a temporary file and replacing qos.sh only on
# success would avoid that, but it changes the generated text and has to
# preserve the file's mode, so it is not done in this block.
{
    my ($red_dev, $imq_dev) = @qossettings{qw(RED_DEV IMQ_DEV)};
    my $default_inc = $qossettings{'DEFCLASS_INC'};

    print <<"END";
	### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
	iptables -t mangle -A QOS-INC -i $red_dev -m mark --mark 0 -j MARK --set-mark $default_inc

	echo "Quality of Service was successfully started!"
	exit 0
  ;;
  clear|stop)
	### RESET EVERYTHING TO A KNOWN STATE
	# DELETE QDISCS
	tc qdisc del dev $red_dev root
	tc qdisc del dev $imq_dev root
	# STOP IMQ-DEVICE
	ip link set $imq_dev down
	iptables -t mangle --delete PREROUTING -i $red_dev -j IMQ --todev 0
	rmmod imq
	# REMOVE & FLUSH CHAINS
	iptables -t mangle --delete POSTROUTING -o $red_dev -j QOS-OUT
	iptables -t mangle --flush QOS-OUT
	iptables -t mangle --delete-chain QOS-OUT
	iptables -t mangle --delete PREROUTING -i $red_dev -j QOS-INC
	iptables -t mangle --flush QOS-INC
	iptables -t mangle --delete-chain QOS-INC
	rmmod sch_htb
	echo "Quality of Service was successfully cleared!"
  ;;
  gen|generate)
	echo -n "Generateing the QoS-Scripts..."
	/usr/bin/perl /var/ipfire/qos/bin/makeqosscripts.pl > /var/ipfire/qos/bin/qos.sh
	echo ".Done!"
	exit 0
  ;;
  restart)
	### FIRST CLEAR EVERYTHING
	\$0 clear

	### THEN START
	\$0 start
  ;;
esac
### EOF
END
}
593
594 ############################################################################################################################
595 ############################################################################################################################
596