Hinzugefügt:
1 #!/usr/bin/perl
2 #
3 # IPFire Scripts
4 #
5 # This code is distributed under the terms of the GPL
6 #
7 # (c) The IPFire Team
8 #
9
10 use strict;
11 # enable only the following on debugging purpose
12 use warnings;
13
14 require '/var/ipfire/general-functions.pl';
15 require "${General::swroot}/lang.pl";
16 require "${General::swroot}/header.pl";
17
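# Global QoS settings.  The same hash is reused further down as scratch space
# for the fields of whichever rule line is currently being printed.
my %qossettings = ();
my %checked = ();
my %netsettings = ();
my $message = "";
my $errormessage = "";
my $c = "";
my $direntry = "";
my $classentry = "";
my $subclassentry = "";
my $l7ruleentry = "";
my $portruleentry = "";
my @tmp = ();
my @classes = ();
my @subclasses = ();
my @l7rules = ();
my @portrules = ();
my @tmpline = ();
my @classline = ();
my @subclassline = ();
my @l7ruleline = ();
my @portruleline = ();
my @proto = ();
my %selected= () ;
my $classfile = "/var/ipfire/qos/classes";
my $subclassfile = "/var/ipfire/qos/subclasses";
my $level7file = "/var/ipfire/qos/level7config";
my $portfile = "/var/ipfire/qos/portconfig";

# Everything read below is pasted verbatim into shell command lines of the
# generated script, which drives tc, iptables and modprobe.  Only characters
# needed for interface names, numbers, addresses with a prefix length and port
# lists or ranges are accepted; nothing the shell treats specially.
my $safe_token = qr/\A[A-Za-z0-9_.:,\/-]*\z/;

General::readhash("${General::swroot}/ethernet/settings", \%netsettings);

# Defaults, overridden by the stored QoS settings read further down.
$qossettings{'ENABLED'} = 'off';
$qossettings{'EDIT'} = 'no';
$qossettings{'OUT_SPD'} = '';
$qossettings{'INC_SPD'} = '';
$qossettings{'DEF_OUT_SPD'} = '';
$qossettings{'DEF_INC_SPD'} = '';
$qossettings{'DEFCLASS_INC'} = '';
$qossettings{'DEFCLASS_OUT'} = '';
$qossettings{'ACK'} = '';
$qossettings{'MTU'} = '1492';
$qossettings{'RED_DEV'} = '';
$qossettings{'IMQ_DEV'} = 'imq0';
$qossettings{'VALID'} = 'yes';

# Read the RED interface name directly instead of spawning cat(1) through a
# shell, and strip the line ending so it cannot split a generated command.
# A missing file leaves RED_DEV empty, as the backtick version did.
if (open(my $iface_fh, '<', '/var/ipfire/red/iface')) {
    my $iface = <$iface_fh>;
    close $iface_fh;
    if (defined $iface) {
        $iface =~ s/[\r\n]+\z//;
        $qossettings{'RED_DEV'} = $iface;
    }
}

General::readhash("${General::swroot}/qos/settings", \%qossettings);

# Refuse to generate a script from a setting that is not a plain token.
# Empty and unset values pass, exactly as before.
foreach my $key (qw(RED_DEV IMQ_DEV QLENGTH MTU SFQ_PERTUB OUT_SPD INC_SPD DEFCLASS_OUT DEFCLASS_INC ACK)) {
    next unless defined $qossettings{$key};
    die "Unsafe value for $key in QoS settings\n"
        unless $qossettings{$key} =~ $safe_token;
}

# Load the four rule files.  The third element is the number of leading
# fields the generator prints from each line; only those are checked, so any
# trailing fields that are never printed stay unrestricted.
foreach my $source (
    [ $classfile,    \@classes,    7 ],
    [ $subclassfile, \@subclasses, 8 ],
    [ $level7file,   \@l7rules,    5 ],
    [ $portfile,     \@portrules,  7 ],
) {
    my ($path, $store, $used_fields) = @$source;

    # Three-argument open with a lexical handle: the path can never be
    # misread as an open mode and the handle cannot leak between files.
    open(my $fh, '<', $path) or die "Unable to read $path: $!";
    my @lines = <$fh>;
    close $fh;

    @$store = ();
    foreach my $line (@lines) {
        # Drop the line ending so the last field of a line stays clean.
        $line =~ s/[\r\n]+\z//;
        next if $line eq '';

        my @fields = split(/;/, $line);
        $#fields = $used_fields - 1 if @fields > $used_fields;
        if (grep { $_ !~ $safe_token } @fields) {
            # STDOUT carries the generated script, so complain on STDERR.
            warn "Ignoring entry with unexpected characters in $path\n";
            next;
        }
        push @$store, $line;
    }
}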
76
77 ############################################################################################################################
78 ############################################################################################################################
79
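# Head of the generated shell script: banner, the "status" action and the
# start of the "start" action up to the main HTB rate class of the RED device.
# The interpreter line now reads "#!/bin/bash"; without the "!" it was only a
# comment, while the script relies on bash syntax such as "&>".
# NOTE(review): QLENGTH has no default among the settings initialised in this
# file, so it has to come from the stored QoS settings.
print <<END;
#!/bin/bash
#################################################
# This is an autocreated QoS-Script for         #
# IPFIRE                                        #
# Copyright by the IPFire Team (GPLv2)          #
# www.ipfire.org                                #
#################################################

### SYSTEMVARIABLES:
# RED INTERFACE:        $qossettings{'RED_DEV'}
# IMQ DEVICE:           $qossettings{'IMQ_DEV'}

case "\$1" in

  status)
        echo "[qdisc]"
        tc -s qdisc show dev $qossettings{'RED_DEV'}
        tc -s qdisc show dev $qossettings{'IMQ_DEV'}
        echo "[class]"
        tc -s class show dev $qossettings{'RED_DEV'}
        tc -s class show dev $qossettings{'IMQ_DEV'}
        echo "[filter]"
        tc -s filter show dev $qossettings{'RED_DEV'}
        tc -s filter show dev $qossettings{'IMQ_DEV'}
        echo "[iptables]"
        iptables -t mangle -L QOS-OUT -v -x 2> /dev/null
        iptables -t mangle -L QOS-INC -v -x 2> /dev/null
        exit 0
  ;;
  start)
        ### FIRST CLEAR EVERYTHING
        \$0 clear

        ###
        ### $qossettings{'RED_DEV'}
        ###

        ### INIT KERNEL
        modprobe sch_htb

        ### SET QUEUE LENGTH & MTU - has just to be tested!!! IMPORTANT
        ip link set dev $qossettings{'RED_DEV'} qlen $qossettings{'QLENGTH'}
        ip link set dev $qossettings{'RED_DEV'} mtu $qossettings{'MTU'}

        ### ADD HTB QDISC FOR $qossettings{'RED_DEV'}
        tc qdisc add dev $qossettings{'RED_DEV'} root handle 1: htb default $qossettings{'DEFCLASS_OUT'}

        ### MAIN RATE LIMIT
        tc class add dev $qossettings{'RED_DEV'} parent 1: classid 1:1 htb rate $qossettings{'OUT_SPD'}kbit

        ### CLASSES FOR $qossettings{'RED_DEV'}
END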
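# Emit the HTB class tree of the RED device: one "tc class add" per class
# line, then one per subclass line.  Both loops only use entries whose device
# field equals RED_DEV.  Fields are written into the command unquoted, so they
# must already be plain tokens when they reach this point.
foreach $classentry (sort @classes)
{
    # Work on a copy without the line ending so the last field stays clean.
    (my $line = $classentry) =~ s/[\r\n]+\z//;
    @classline = split(/;/, $line);
    next unless defined $classline[0] && $classline[0] eq $qossettings{'RED_DEV'};

    @qossettings{qw(DEVICE CLASS PRIO RATE CEIL BURST CBURST)} = @classline[0 .. 6];
    print "\ttc class add dev $qossettings{'DEVICE'} parent 1:1 classid 1:$qossettings{'CLASS'} htb rate $qossettings{'RATE'}kbit ceil $qossettings{'CEIL'}kbit prio $qossettings{'PRIO'} ";

    # burst and cburst are optional.  The old cburst test joined two "ne"
    # comparisons with "||", which is always true, so "cburst k" was printed
    # even for an empty field.
    my $burst  = defined $qossettings{'BURST'}  ? $qossettings{'BURST'}  : '';
    my $cburst = defined $qossettings{'CBURST'} ? $qossettings{'CBURST'} : '';
    print "burst ${burst}k " if $burst ne '' && $burst > 0;
    print "cburst ${cburst}k" if $cburst ne '' && $cburst ne '0';
    print "\n";
}
foreach $subclassentry (sort @subclasses) {
    (my $line = $subclassentry) =~ s/[\r\n]+\z//;
    @subclassline = split(/;/, $line);

    # This device filter was missing here although every other subclass loop
    # in the file has it; without it the subclasses of the IMQ device were
    # also emitted under the 1: handle of the RED device.
    next unless defined $subclassline[0] && $subclassline[0] eq $qossettings{'RED_DEV'};

    @qossettings{qw(DEVICE CLASS SCLASS SPRIO SRATE SCEIL SBURST SCBURST)} = @subclassline[0 .. 7];
    print "\ttc class add dev $qossettings{'DEVICE'} parent 1:$qossettings{'CLASS'} classid 1:$qossettings{'SCLASS'} htb rate $qossettings{'SRATE'}kbit ceil $qossettings{'SCEIL'}kbit prio $qossettings{'SPRIO'} ";

    # The subclass used to print CBURST, a leftover of the class loop above,
    # instead of its own SCBURST.
    my $sburst  = defined $qossettings{'SBURST'}  ? $qossettings{'SBURST'}  : '';
    my $scburst = defined $qossettings{'SCBURST'} ? $qossettings{'SCBURST'} : '';
    print "burst ${sburst}k " if $sburst ne '' && $sburst > 0;
    print "cburst ${scburst}k" if $scburst ne '' && $scburst ne '0';
    print "\n";
}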
174
# Attach an SFQ qdisc to every class and subclass of the RED device.  The
# qdisc handle is the class id itself and the perturb interval comes from the
# SFQ_PERTUB setting.
print "\n\t### ATTACH QDISC TO LEAF CLASSES\n";
for $classentry (sort @classes) {
    @classline = split(/;/, $classentry);
    next unless $classline[0] eq $qossettings{'RED_DEV'};
    @qossettings{'DEVICE', 'CLASS'} = @classline[0, 1];
    print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 1:$qossettings{'CLASS'}"
        . " handle $qossettings{'CLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
}
for $subclassentry (sort @subclasses) {
    @subclassline = split(/;/, $subclassentry);
    next unless $subclassline[0] eq $qossettings{'RED_DEV'};
    @qossettings{'DEVICE', 'SCLASS'} = @subclassline[0, 2];
    print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 1:$qossettings{'SCLASS'}"
        . " handle $qossettings{'SCLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
}
# Emit the fw filters for the RED device: a packet whose firewall mark equals
# a class id is sent to that class.  Class filters hang off 1:0, subclass
# filters off their parent class.
print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
for $classentry (sort @classes) {
    @classline = split(/;/, $classentry);
    next unless $classline[0] eq $qossettings{'RED_DEV'};
    @qossettings{'DEVICE', 'CLASS'} = @classline[0, 1];
    print "\ttc filter add dev $qossettings{'DEVICE'} parent 1:0 prio 0 protocol ip"
        . " handle $qossettings{'CLASS'} fw flowid 1:$qossettings{'CLASS'}\n";
}
for $subclassentry (sort @subclasses) {
    @subclassline = split(/;/, $subclassentry);
    next unless $subclassline[0] eq $qossettings{'RED_DEV'};
    @qossettings{'DEVICE', 'CLASS', 'SCLASS'} = @subclassline[0, 1, 2];
    print "\ttc filter add dev $qossettings{'DEVICE'} parent 1:$qossettings{'CLASS'} prio 0 protocol ip"
        . " handle $qossettings{'SCLASS'} fw flowid 1:$qossettings{'SCLASS'}\n";
}
# Create the QOS-OUT chain in the mangle table and insert a jump to it into
# POSTROUTING for packets leaving through the RED device.  The rule groups
# that follow set the ACK mark on TCP packets selected by flag combination
# (some of them also by length) and on ICMP packets of 40-100 bytes, then
# RETURN so that no later rule re-marks them.  The TCP groups also set TOS 4.
# NOTE(review): ACK defaults to the empty string in this file; if the stored
# settings do not provide it, every "--set-mark" below is emitted without an
# argument.
print <<END

        ### ADD QOS-OUT CHAIN TO THE MANGLE TABLE IN IPTABLES
        iptables -t mangle -N QOS-OUT
        iptables -t mangle -I POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-OUT

        ### MARK ACKs
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j TOS --set-tos 4
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j MARK --set-mark $qossettings{'ACK'}
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j RETURN

        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p icmp -m length --length 40:100 -j MARK --set-mark $qossettings{'ACK'}
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p icmp -m length --length 40:100 -j RETURN

        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j TOS --set-tos 4
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j MARK --set-mark $qossettings{'ACK'}
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j RETURN

        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j TOS --set-tos 4
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j MARK --set-mark $qossettings{'ACK'}
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j RETURN

        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j TOS --set-tos 4
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j MARK --set-mark $qossettings{'ACK'}
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j RETURN

        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j TOS --set-tos 4
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j MARK --set-mark $qossettings{'ACK'}
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j RETURN

        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j TOS --set-tos 4
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j MARK --set-mark $qossettings{'ACK'}
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j RETURN

        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j TOS --set-tos 4
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j MARK --set-mark $qossettings{'ACK'}
        iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j RETURN

        ### SET LEVEL7-RULES
END
;
253         foreach $l7ruleentry (sort @l7rules)
254         {
255                 @l7ruleline = split( /\;/, $l7ruleentry );
256                 if ( $l7ruleline[1] eq $qossettings{'RED_DEV'} )
257                 {
258                         $qossettings{'CLASS'} = $l7ruleline[0];
259                         $qossettings{'DEVICE'} = $l7ruleline[1];
260                         $qossettings{'L7PROT'} = $l7ruleline[2];
261                         $qossettings{'QIP'} = $l7ruleline[3];
262                         $qossettings{'DIP'} = $l7ruleline[4];
263                         print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'DEVICE'} ";
264                         if ($qossettings{'QIP'} ne ''){
265                                 print "-s $qossettings{'QIP'} ";
266                         }
267                         if ($qossettings{'DIP'} ne ''){
268                                 print "-d $qossettings{'DIP'} ";
269                         }
270                         print "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} -j MARK --set-mark $qossettings{'CLASS'}\n";
271                 }
272         }
273
# Port rules for the RED device.  Every matching portconfig line yields two
# iptables rules with the same match part: one that sets the class mark and
# one that RETURNs so later rules cannot change the mark again.
# NOTE(review): the fields go into the command line unquoted and this loop
# does no validation of its own.
print "\n\t### SET PORT-RULES\n";
for $portruleentry (sort @portrules) {
    @portruleline = split(/;/, $portruleentry);
    next unless $portruleline[1] eq $qossettings{'RED_DEV'};

    @qossettings{qw(CLASS DEVICE PPROT QIP QPORT DIP DPORT)} = @portruleline[0 .. 6];

    # Build the shared match part once; both rules start with it.
    my $match = "\tiptables -t mangle -A QOS-OUT -o $qossettings{'DEVICE'} ";
    $match .= "-s $qossettings{'QIP'} " if $qossettings{'QIP'} ne '';
    $match .= "-d $qossettings{'DIP'} " if $qossettings{'DIP'} ne '';
    $match .= "-p $qossettings{'PPROT'} ";
    $match .= "-m multiport "
        if $qossettings{'QPORT'} ne '' || $qossettings{'DPORT'} ne '';
    $match .= "--sport $qossettings{'QPORT'} " if $qossettings{'QPORT'} ne '';
    $match .= "--dport $qossettings{'DPORT'} " if $qossettings{'DPORT'} ne '';

    print $match . "-j MARK --set-mark $qossettings{'CLASS'}\n";
    print $match . "-j RETURN\n\n";
}
325
# Close the QOS-OUT part with a catch-all rule that gives still unmarked
# packets the default outgoing class, then open the part for the IMQ device:
# load the imq module with a single device, bring the device up, set its queue
# length and MTU, and create the HTB root qdisc (handle 2:) and the main rate
# class 2:1.
# NOTE(review): QLENGTH has no default among the settings initialised in this
# file, so it has to come from the stored QoS settings.
print <<END

        ### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
        iptables -t mangle -A QOS-OUT -m mark --mark 0 -j MARK --set-mark $qossettings{'DEFCLASS_OUT'}

        ###
        ### $qossettings{'IMQ_DEV'}
        ###

        ### BRING UP $qossettings{'IMQ_DEV'}
        modprobe imq numdevs=1
        ip link set $qossettings{'IMQ_DEV'} up

        ### SET QUEUE LENGTH & MTU - has just to be tested!!! IMPORTANT
        ip link set dev $qossettings{'IMQ_DEV'} qlen $qossettings{'QLENGTH'}
        ip link set dev $qossettings{'IMQ_DEV'} mtu $qossettings{'MTU'}

        ### ADD HTB QDISC FOR $qossettings{'IMQ_DEV'}
        tc qdisc add dev $qossettings{'IMQ_DEV'} root handle 2: htb default $qossettings{'DEFCLASS_INC'}

        ### MAIN RATE LIMIT
        tc class add dev $qossettings{'IMQ_DEV'} parent 2: classid 2:1 htb rate $qossettings{'INC_SPD'}kbit

        ### CLASSES FOR $qossettings{'IMQ_DEV'}
END
;
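# Emit the HTB class tree of the IMQ device: one "tc class add" per class
# line, then one per subclass line, both limited to entries whose device field
# equals IMQ_DEV.  Fields are written into the command unquoted, so they must
# already be plain tokens when they reach this point.
foreach $classentry (sort @classes)
{
    # Work on a copy without the line ending so the last field stays clean.
    (my $line = $classentry) =~ s/[\r\n]+\z//;
    @classline = split(/;/, $line);
    next unless defined $classline[0] && $classline[0] eq $qossettings{'IMQ_DEV'};

    @qossettings{qw(DEVICE CLASS PRIO RATE CEIL BURST CBURST)} = @classline[0 .. 6];
    print "\ttc class add dev $qossettings{'DEVICE'} parent 2:1 classid 2:$qossettings{'CLASS'} htb rate $qossettings{'RATE'}kbit ceil $qossettings{'CEIL'}kbit prio $qossettings{'PRIO'} ";

    # burst and cburst are optional.  The old cburst test joined two "ne"
    # comparisons with "||", which is always true, so "cburst k" was printed
    # even for an empty field.
    my $burst  = defined $qossettings{'BURST'}  ? $qossettings{'BURST'}  : '';
    my $cburst = defined $qossettings{'CBURST'} ? $qossettings{'CBURST'} : '';
    print "burst ${burst}k " if $burst ne '' && $burst > 0;
    print "cburst ${cburst}k" if $cburst ne '' && $cburst ne '0';
    print "\n";
}
foreach $subclassentry (sort @subclasses) {
    (my $line = $subclassentry) =~ s/[\r\n]+\z//;
    @subclassline = split(/;/, $line);
    next unless defined $subclassline[0] && $subclassline[0] eq $qossettings{'IMQ_DEV'};

    @qossettings{qw(DEVICE CLASS SCLASS SPRIO SRATE SCEIL SBURST SCBURST)} = @subclassline[0 .. 7];
    print "\ttc class add dev $qossettings{'DEVICE'} parent 2:$qossettings{'CLASS'} classid 2:$qossettings{'SCLASS'} htb rate $qossettings{'SRATE'}kbit ceil $qossettings{'SCEIL'}kbit prio $qossettings{'SPRIO'} ";

    # The subclass used to print CBURST, a leftover of the class loop above,
    # instead of its own SCBURST.
    my $sburst  = defined $qossettings{'SBURST'}  ? $qossettings{'SBURST'}  : '';
    my $scburst = defined $qossettings{'SCBURST'} ? $qossettings{'SCBURST'} : '';
    print "burst ${sburst}k " if $sburst ne '' && $sburst > 0;
    print "cburst ${scburst}k" if $scburst ne '' && $scburst ne '0';
    print "\n";
}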
394
# Attach an SFQ qdisc to every class and subclass of the IMQ device.  The
# qdisc handle is the class id itself and the perturb interval comes from the
# SFQ_PERTUB setting.
print "\n\t### ATTACH QDISC TO LEAF CLASSES\n";
for $classentry (sort @classes) {
    @classline = split(/;/, $classentry);
    next unless $classline[0] eq $qossettings{'IMQ_DEV'};
    @qossettings{'DEVICE', 'CLASS'} = @classline[0, 1];
    print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 2:$qossettings{'CLASS'}"
        . " handle $qossettings{'CLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
}
for $subclassentry (sort @subclasses) {
    @subclassline = split(/;/, $subclassentry);
    next unless $subclassline[0] eq $qossettings{'IMQ_DEV'};
    @qossettings{'DEVICE', 'SCLASS'} = @subclassline[0, 2];
    print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 2:$qossettings{'SCLASS'}"
        . " handle $qossettings{'SCLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
}
# Emit the fw filters for the IMQ device: a packet whose firewall mark equals
# a class id is sent to that class.  Class filters hang off 2:0, subclass
# filters off their parent class.
print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
for $classentry (sort @classes) {
    @classline = split(/;/, $classentry);
    next unless $classline[0] eq $qossettings{'IMQ_DEV'};
    @qossettings{'DEVICE', 'CLASS'} = @classline[0, 1];
    print "\ttc filter add dev $qossettings{'DEVICE'} parent 2:0 prio 0 protocol ip"
        . " handle $qossettings{'CLASS'} fw flowid 2:$qossettings{'CLASS'}\n";
}
for $subclassentry (sort @subclasses) {
    @subclassline = split(/;/, $subclassentry);
    next unless $subclassline[0] eq $qossettings{'IMQ_DEV'};
    @qossettings{'DEVICE', 'CLASS', 'SCLASS'} = @subclassline[0, 1, 2];
    print "\ttc filter add dev $qossettings{'DEVICE'} parent 2:$qossettings{'CLASS'} prio 0 protocol ip"
        . " handle $qossettings{'SCLASS'} fw flowid 2:$qossettings{'SCLASS'}\n";
}
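# Create the QOS-INC chain in the mangle table and insert a jump to it into
# POSTROUTING for packets leaving through the IMQ device.  The generated
# comment used to name QOS-OUT, copied from the RED part, although the
# commands below create QOS-INC.
print <<END;

        ### ADD QOS-INC CHAIN TO THE MANGLE TABLE IN IPTABLES
        iptables -t mangle -N QOS-INC
        iptables -t mangle -I POSTROUTING -o $qossettings{'IMQ_DEV'} -j QOS-INC

        ### SET LEVEL7-RULES
END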
441         foreach $l7ruleentry (sort @l7rules)
442         {
443                 @l7ruleline = split( /\;/, $l7ruleentry );
444                 if ( $l7ruleline[1] eq $qossettings{'IMQ_DEV'} )
445                 {
446                         $qossettings{'CLASS'} = $l7ruleline[0];
447                         $qossettings{'DEVICE'} = $l7ruleline[1];
448                         $qossettings{'L7PROT'} = $l7ruleline[2];
449                         $qossettings{'QIP'} = $l7ruleline[3];
450                         $qossettings{'DIP'} = $l7ruleline[4];
451                         print "\tiptables -t mangle -A QOS-INC -o $qossettings{'DEVICE'} ";
452                         if ($qossettings{'QIP'} ne ''){
453                                 print "-s $qossettings{'QIP'} ";
454                         }
455                         if ($qossettings{'DIP'} ne ''){
456                                 print "-d $qossettings{'DIP'} ";
457                         }
458                         print "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} -j MARK --set-mark $qossettings{'CLASS'}\n";
459                 }
460         }
461
# Port rules for the IMQ device.  Every matching portconfig line yields two
# iptables rules with the same match part: one that sets the class mark and
# one that RETURNs so later rules cannot change the mark again.
# NOTE(review): the fields go into the command line unquoted and this loop
# does no validation of its own.
print "\n\t### SET PORT-RULES\n";
for $portruleentry (sort @portrules) {
    @portruleline = split(/;/, $portruleentry);
    next unless $portruleline[1] eq $qossettings{'IMQ_DEV'};

    @qossettings{qw(CLASS DEVICE PPROT QIP QPORT DIP DPORT)} = @portruleline[0 .. 6];

    # Build the shared match part once; both rules start with it.
    my $match = "\tiptables -t mangle -A QOS-INC -o $qossettings{'DEVICE'} ";
    $match .= "-s $qossettings{'QIP'} " if $qossettings{'QIP'} ne '';
    $match .= "-d $qossettings{'DIP'} " if $qossettings{'DIP'} ne '';
    $match .= "-p $qossettings{'PPROT'} ";
    $match .= "-m multiport "
        if $qossettings{'QPORT'} ne '' || $qossettings{'DPORT'} ne '';
    $match .= "--sport $qossettings{'QPORT'} " if $qossettings{'QPORT'} ne '';
    $match .= "--dport $qossettings{'DPORT'} " if $qossettings{'DPORT'} ne '';

    print $match . "-j MARK --set-mark $qossettings{'CLASS'}\n";
    print $match . "-j RETURN\n\n";
}
513
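# Tail of the generated script: the catch-all mark for the QOS-INC chain, the
# end of the "start" action, and the "clear" action that removes the qdiscs,
# the chains and the kernel modules again.
# The two "-D" commands used to name the built-in chain "POSTROURING".  With
# errors sent to /dev/null the typo went unnoticed: the jump rules were never
# deleted, so "-X" could not remove the still-referenced chains and every
# further "start" inserted another jump into POSTROUTING.
print <<END;

        ### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
        iptables -t mangle -A QOS-INC -m mark --mark 0 -j MARK --set-mark $qossettings{'DEFCLASS_INC'}

        echo "Quality of Service was successfully started!"
        exit 0
  ;;
  clear)
        ### RESET EVERYTHING TO A KNOWN STATE
        # DELETE QDISCS
        tc qdisc del dev $qossettings{'RED_DEV'} root &> /dev/null
        tc qdisc del dev $qossettings{'IMQ_DEV'} root &> /dev/null
        # REMOVE & FLUSH CHAINS
        iptables -t mangle -D POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-OUT &> /dev/null
        iptables -t mangle -F QOS-OUT &> /dev/null
        iptables -t mangle -X QOS-OUT &> /dev/null
        iptables -t mangle -D POSTROUTING -o $qossettings{'IMQ_DEV'} -j QOS-INC &> /dev/null
        iptables -t mangle -F QOS-INC &> /dev/null
        iptables -t mangle -X QOS-INC &> /dev/null
        # STOP IMQ-DEVICE
        ip link set $qossettings{'IMQ_DEV'} down &> /dev/null
        rmmod imq &> /dev/null
        rmmod sch_htb &> /dev/null
        echo "Quality of Service was successfully cleared!"
  ;;
esac
### EOF
END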
544
545 ############################################################################################################################
546 ############################################################################################################################
547