[people/pmueller/ipfire-2.x.git] / config / qos / makeqosscripts.pl
1#!/usr/bin/perl
2#
3# IPFire Scripts
4#
5# This code is distributed under the terms of the GPL
6#
7# (c) The IPFire Team
8#
9
10use strict;
11# enable only the following on debugging purpose
12use warnings;
13
14require '/var/ipfire/general-functions.pl';
15require "${General::swroot}/lang.pl";
16require "${General::swroot}/header.pl";
17
# Working state of the generator. %qossettings carries the global QoS
# settings and, while rules are emitted, the fields of the current entry.
my ( %qossettings, %checked, %netsettings, %selected );

# Scratch scalars; the *entry variables serve as foreach iterators further down.
my ( $message, $errormessage, $c, $direntry ) = ( "", "", "", "" );
my ( $classentry, $subclassentry, $l7ruleentry, $portruleentry ) = ( "", "", "", "" );

# Raw lines of each rule file, and the ';'-split fields of the line in progress.
my ( @tmp, @classes, @subclasses, @l7rules, @portrules );
my ( @tmpline, @classline, @subclassline, @l7ruleline, @portruleline, @proto );

# Locations of the rule files this script turns into tc/iptables commands.
my $classfile    = "/var/ipfire/qos/classes";
my $subclassfile = "/var/ipfire/qos/subclasses";
my $level7file   = "/var/ipfire/qos/level7config";
my $portfile     = "/var/ipfire/qos/portconfig";
45
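# Load the ethernet settings, then seed %qossettings with defaults before the
# stored QoS settings are read into the same hash.
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);

$qossettings{'ENABLED'} = 'off';
$qossettings{'EDIT'} = 'no';
$qossettings{'OUT_SPD'} = '';
$qossettings{'INC_SPD'} = '';
$qossettings{'DEF_OUT_SPD'} = '';
$qossettings{'DEF_INC_SPD'} = '';
$qossettings{'DEFCLASS_INC'} = '';
$qossettings{'DEFCLASS_OUT'} = '';
$qossettings{'ACK'} = '';
$qossettings{'MTU'} = '1492';

# Read the RED interface name straight from the file instead of running `cat`
# through a shell: no PATH lookup, no subshell. Trailing whitespace (including
# the newline `cat` would have returned) is stripped, because the name is later
# compared with rule fields and interpolated into the middle of command lines.
{
    my $red_iface = '';
    if ( open( my $iface_fh, '<', '/var/ipfire/red/iface' ) ) {
        local $/;    # slurp the whole file, as `cat` did
        $red_iface = <$iface_fh>;
        $red_iface = '' unless defined $red_iface;
        close $iface_fh;
    }
    $red_iface =~ s/\s+\z//;
    $qossettings{'RED_DEV'} = $red_iface;
}

$qossettings{'IMQ_DEV'} = 'imq0';
$qossettings{'VALID'} = 'yes';

# NOTE(review): QLENGTH and SFQ_PERTUB get no default here, yet the script
# templates interpolate both; if qos/settings does not provide them the
# generated commands end in an empty argument -- confirm against the writer
# of that file.
# NOTE(review): every value in %qossettings ends up unquoted in a shell script;
# presumably the code that writes qos/settings restricts them to plain
# numbers and interface names -- verify, since this script does not.
&General::readhash("${General::swroot}/qos/settings", \%qossettings);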
63
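# Load the four rule files into memory, one array element per line.
# Uses three-argument open with a lexical handle (the mode can never be taken
# from the path, and no global FILE handle is shared) and reports the OS error
# when a file cannot be opened.
# Lines are stored unchomped, so the last ';'-separated field of every line
# still carries the newline -- presumably the files end each line with
# further fields or a trailing ';'; confirm before relying on the last field.
for my $source (
    [ $classfile,    \@classes ],
    [ $subclassfile, \@subclasses ],
    [ $level7file,   \@l7rules ],
    [ $portfile,     \@portrules ],
) {
    my ( $path, $lines ) = @{$source};
    open( my $fh, '<', $path ) or die "Unable to read $path: $!";
    @{$lines} = <$fh>;
    close $fh;
}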
76
77############################################################################################################################
78############################################################################################################################
79
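# Emit the head of the generated shell script: banner, the "status" action and
# the start of the "start" action (HTB root qdisc and main rate limit on the
# RED device).
# Fix: the first output line was "#/bin/bash", which is only a comment; it is
# now a real "#!/bin/bash" interpreter line.
# The settings are interpolated unquoted; "\$1" and "\$0" are escaped so they
# reach the generated script as shell variables.
print <<END;
#!/bin/bash
#################################################
# This is an autocreated QoS-Script for #
# IPFIRE #
# Copyright by the IPFire Team (GPLv2) #
# www.ipfire.org #
#################################################

### SYSTEMVARIABLES:
# RED INTERFACE: $qossettings{'RED_DEV'}
# IMQ DEVICE: $qossettings{'IMQ_DEV'}

case "\$1" in

  status)
	echo "[qdisc]"
	tc -s qdisc show dev $qossettings{'RED_DEV'}
	tc -s qdisc show dev $qossettings{'IMQ_DEV'}
	echo "[class]"
	tc -s class show dev $qossettings{'RED_DEV'}
	tc -s class show dev $qossettings{'IMQ_DEV'}
	echo "[filter]"
	tc -s filter show dev $qossettings{'RED_DEV'}
	tc -s filter show dev $qossettings{'IMQ_DEV'}
	echo "[iptables]"
	iptables -t mangle -L QOS-OUT -v -x 2> /dev/null
	iptables -t mangle -L QOS-INC -v -x 2> /dev/null
	exit 0
  ;;
  start)
	### FIRST CLEAR EVERYTHING
	\$0 clear

	###
	### $qossettings{'RED_DEV'}
	###

	### INIT KERNEL
	modprobe sch_htb

	### SET QUEUE LENGTH & MTU - has just to be tested!!! IMPORTANT
	ip link set dev $qossettings{'RED_DEV'} qlen $qossettings{'QLENGTH'}
	ip link set dev $qossettings{'RED_DEV'} mtu $qossettings{'MTU'}

	### ADD HTB QDISC FOR $qossettings{'RED_DEV'}
	tc qdisc add dev $qossettings{'RED_DEV'} root handle 1: htb default $qossettings{'DEFCLASS_OUT'}

	### MAIN RATE LIMIT
	tc class add dev $qossettings{'RED_DEV'} parent 1: classid 1:1 htb rate $qossettings{'OUT_SPD'}kbit

	### CLASSES FOR $qossettings{'RED_DEV'}
END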
# One "tc class add" line under 1:1 for every class entry whose device field
# equals the RED device. The entry's fields are copied into %qossettings
# (DEVICE, CLASS, PRIO, RATE, CEIL, BURST, CBURST) before being printed.
foreach $classentry (sort @classes) {
    @classline = split( /\;/, $classentry );
    next unless $qossettings{'RED_DEV'} eq $classline[0];

    @qossettings{qw(DEVICE CLASS PRIO RATE CEIL BURST CBURST)} = @classline[ 0 .. 6 ];

    my $command = "\ttc class add dev $qossettings{'DEVICE'} parent 1:1 classid 1:$qossettings{'CLASS'} htb rate $qossettings{'RATE'}kbit ceil $qossettings{'CEIL'}kbit prio $qossettings{'PRIO'} ";

    # burst / cburst are optional and only appended when set to a non-zero value.
    $command .= "burst $qossettings{'BURST'}k " if $qossettings{'BURST'} > 0;
    $command .= "cburst $qossettings{'CBURST'}k"
        if ( $qossettings{'CBURST'} ne '' ) && ( $qossettings{'CBURST'} ne 0 );

    print $command . "\n";
}
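# One "tc class add" line per subclass entry of the RED device, attached below
# its parent class 1:<CLASS>.
# Fixes two defects of the earlier version of this loop:
#  - entries of other devices were emitted too, with the 1: handle that only
#    exists on the RED device; entries are now filtered on the device field,
#    the same way the IMQ subclass loop does it;
#  - the cburst value printed was CBURST (left over from the last class entry)
#    although the test was on SCBURST; the subclass's own SCBURST is printed.
# Fields are written into the shell script verbatim and unquoted, so whatever
# writes the subclasses file has to restrict them to plain numbers/names.
foreach $subclassentry (sort @subclasses) {
    @subclassline = split( /\;/, $subclassentry );
    next unless $qossettings{'RED_DEV'} eq $subclassline[0];

    $qossettings{'DEVICE'} = $subclassline[0];
    $qossettings{'CLASS'} = $subclassline[1];
    $qossettings{'SCLASS'} = $subclassline[2];
    $qossettings{'SPRIO'} = $subclassline[3];
    $qossettings{'SRATE'} = $subclassline[4];
    $qossettings{'SCEIL'} = $subclassline[5];
    $qossettings{'SBURST'} = $subclassline[6];
    $qossettings{'SCBURST'} = $subclassline[7];

    print "\ttc class add dev $qossettings{'DEVICE'} parent 1:$qossettings{'CLASS'} classid 1:$qossettings{'SCLASS'} htb rate $qossettings{'SRATE'}kbit ceil $qossettings{'SCEIL'}kbit prio $qossettings{'SPRIO'} ";
    if ($qossettings{'SBURST'} > 0) {
        print "burst $qossettings{'SBURST'}k ";
    }
    if (($qossettings{'SCBURST'} ne '') && ($qossettings{'SCBURST'} ne 0)) {
        print "cburst $qossettings{'SCBURST'}k";
    }
    print "\n";
}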
174
# Attach an SFQ qdisc to every class and subclass of the RED device; the
# qdisc handle is the class (or subclass) number itself.
print "\n\t### ATTACH QDISC TO LEAF CLASSES\n";
foreach $classentry (sort @classes) {
    @classline = split( /\;/, $classentry );
    next if $qossettings{'RED_DEV'} ne $classline[0];

    @qossettings{ 'DEVICE', 'CLASS' } = @classline[ 0, 1 ];
    print "\ttc qdisc add dev " . $qossettings{'DEVICE'}
        . " parent 1:" . $qossettings{'CLASS'}
        . " handle " . $qossettings{'CLASS'}
        . ": sfq perturb " . $qossettings{'SFQ_PERTUB'} . "\n";
}
foreach $subclassentry (sort @subclasses) {
    @subclassline = split( /\;/, $subclassentry );
    next if $qossettings{'RED_DEV'} ne $subclassline[0];

    @qossettings{ 'DEVICE', 'SCLASS' } = @subclassline[ 0, 2 ];
    print "\ttc qdisc add dev " . $qossettings{'DEVICE'}
        . " parent 1:" . $qossettings{'SCLASS'}
        . " handle " . $qossettings{'SCLASS'}
        . ": sfq perturb " . $qossettings{'SFQ_PERTUB'} . "\n";
}
# Emit the "fw" filters of the RED device: a packet whose firewall mark equals
# a class (or subclass) number is steered into the flow of the same number.
print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
foreach $classentry (sort @classes) {
    @classline = split( /\;/, $classentry );
    next unless $qossettings{'RED_DEV'} eq $classline[0];

    @qossettings{ 'DEVICE', 'CLASS' } = @classline[ 0, 1 ];
    print "\ttc filter add dev " . $qossettings{'DEVICE'}
        . " parent 1:0 prio 0 protocol ip handle " . $qossettings{'CLASS'}
        . " fw flowid 1:" . $qossettings{'CLASS'} . "\n";
}
foreach $subclassentry (sort @subclasses) {
    @subclassline = split( /\;/, $subclassentry );
    next unless $qossettings{'RED_DEV'} eq $subclassline[0];

    @qossettings{ 'DEVICE', 'CLASS', 'SCLASS' } = @subclassline[ 0, 1, 2 ];
    print "\ttc filter add dev " . $qossettings{'DEVICE'}
        . " parent 1:" . $qossettings{'CLASS'}
        . " prio 0 protocol ip handle " . $qossettings{'SCLASS'}
        . " fw flowid 1:" . $qossettings{'SCLASS'} . "\n";
}
# Emit the outgoing-side iptables setup: create the QOS-OUT chain in the mangle
# table, insert a jump to it into POSTROUTING for the RED device, then add the
# rules that give small TCP control packets (SYN, SYN/ACK, ACK, RST, FIN/ACK)
# and small ICMP packets the ACK mark and return. The TCP groups also set TOS 4.
# NOTE(review): ACK defaults to '' in this script; if qos/settings does not
# set it, "--set-mark" is written without an argument -- confirm it is always
# configured before the script is generated.
print <<END

 ### ADD QOS-OUT CHAIN TO THE MANGLE TABLE IN IPTABLES
 iptables -t mangle -N QOS-OUT
 iptables -t mangle -I POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-OUT

 ### MARK ACKs
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j TOS --set-tos 4
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j MARK --set-mark $qossettings{'ACK'}
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j RETURN

 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p icmp -m length --length 40:100 -j MARK --set-mark $qossettings{'ACK'}
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p icmp -m length --length 40:100 -j RETURN

 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j TOS --set-tos 4
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j MARK --set-mark $qossettings{'ACK'}
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j RETURN

 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j TOS --set-tos 4
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j MARK --set-mark $qossettings{'ACK'}
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j RETURN

 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j TOS --set-tos 4
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j MARK --set-mark $qossettings{'ACK'}
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j RETURN

 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j TOS --set-tos 4
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j MARK --set-mark $qossettings{'ACK'}
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j RETURN

 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j TOS --set-tos 4
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j MARK --set-mark $qossettings{'ACK'}
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j RETURN

 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j TOS --set-tos 4
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j MARK --set-mark $qossettings{'ACK'}
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j RETURN

 ### SET LEVEL7-RULES
END
;
# Layer-7 rules of the RED device: every entry yields a MARK rule and a RETURN
# rule in QOS-OUT that share the same match (optional source and destination
# address plus the layer7 protocol name).
# The fields are copied into the shell script verbatim and unquoted, so the
# code that writes the level7config file has to restrict them to valid
# addresses and protocol names; nothing is checked here.
foreach $l7ruleentry (sort @l7rules) {
    @l7ruleline = split( /\;/, $l7ruleentry );
    next unless $l7ruleline[1] eq $qossettings{'RED_DEV'};

    @qossettings{qw(CLASS DEVICE L7PROT QIP DIP)} = @l7ruleline[ 0 .. 4 ];

    # Build the shared match once; the two rules differ only in their target.
    my $match = "\tiptables -t mangle -A QOS-OUT -o $qossettings{'DEVICE'} ";
    $match .= "-s $qossettings{'QIP'} " if $qossettings{'QIP'} ne '';
    $match .= "-d $qossettings{'DIP'} " if $qossettings{'DIP'} ne '';
    $match .= "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} ";

    print $match . "-j MARK --set-mark $qossettings{'CLASS'}\n";
    print $match . "-j RETURN\n";
}
281
# Port rules of the RED device: every entry yields a MARK rule and a RETURN
# rule in QOS-OUT. Source/destination address and ports are optional;
# "-m multiport" is added as soon as either port field is set.
# The fields are copied into the shell script verbatim and unquoted, so the
# code that writes the portconfig file has to restrict them to valid
# addresses, protocols and port lists; nothing is checked here.
print "\n\t### SET PORT-RULES\n";
foreach $portruleentry (sort @portrules) {
    @portruleline = split( /\;/, $portruleentry );
    next unless $portruleline[1] eq $qossettings{'RED_DEV'};

    @qossettings{qw(CLASS DEVICE PPROT QIP QPORT DIP DPORT)} = @portruleline[ 0 .. 6 ];

    # Build the shared match once; the two rules differ only in their target.
    my $match = "\tiptables -t mangle -A QOS-OUT -o $qossettings{'DEVICE'} ";
    $match .= "-s $qossettings{'QIP'} " if $qossettings{'QIP'} ne '';
    $match .= "-d $qossettings{'DIP'} " if $qossettings{'DIP'} ne '';
    $match .= "-p $qossettings{'PPROT'} ";
    $match .= "-m multiport "
        if ( $qossettings{'QPORT'} ne '' ) || ( $qossettings{'DPORT'} ne '' );
    $match .= "--sport $qossettings{'QPORT'} " if $qossettings{'QPORT'} ne '';
    $match .= "--dport $qossettings{'DPORT'} " if $qossettings{'DPORT'} ne '';

    print $match . "-j MARK --set-mark $qossettings{'CLASS'}\n";
    print $match . "-j RETURN\n\n";
}
333
# Finish the outgoing side (unmarked packets get the default outgoing class)
# and start the incoming side: bring up the IMQ device, set its queue length
# and MTU, add the HTB root qdisc (handle 2:) and the main incoming rate limit.
# NOTE(review): in the generated shell, "[ `lsmod | grep -q ipt_IMQ` ]" tests
# the *output* of grep -q, which is always empty, so the test is false and the
# insmod/sleep branch never runs; the exit status was probably intended
# ("if ! lsmod | grep -q ipt_IMQ; then") -- confirm before changing, since
# "insmod ipt_IMQ" would then start to execute.
# NOTE(review): QLENGTH is interpolated here, but this script sets no default
# for it -- an empty value leaves "qlen" without an argument.
print <<END

 ### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
 iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -m mark --mark 0 -j MARK --set-mark $qossettings{'DEFCLASS_OUT'}

 ###
 ### $qossettings{'IMQ_DEV'}
 ###

 ### BRING UP $qossettings{'IMQ_DEV'}
 if [ `lsmod | grep -q ipt_IMQ` ]; then
 insmod ipt_IMQ
 sleep 2
 fi
 modprobe imq numdevs=1
 ip link set $qossettings{'IMQ_DEV'} up

 ### SET QUEUE LENGTH & MTU - has just to be tested!!! IMPORTANT
 ip link set dev $qossettings{'IMQ_DEV'} qlen $qossettings{'QLENGTH'}
 ip link set dev $qossettings{'IMQ_DEV'} mtu $qossettings{'MTU'}

 ### ADD HTB QDISC FOR $qossettings{'IMQ_DEV'}
 tc qdisc add dev $qossettings{'IMQ_DEV'} root handle 2: htb default $qossettings{'DEFCLASS_INC'}

 ### MAIN RATE LIMIT
 tc class add dev $qossettings{'IMQ_DEV'} parent 2: classid 2:1 htb rate $qossettings{'INC_SPD'}kbit

 ### CLASSES FOR $qossettings{'IMQ_DEV'}
END
;
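# One "tc class add" line under 2:1 for every class entry whose device field
# equals the IMQ device.
# Fix: the cburst test joined its two conditions with "||", which is true for
# every value (an empty string is not "0" and "0" is not empty), so "cburst k"
# was written even for entries without a cburst value. It now uses "&&", like
# the matching loop for the RED device.
foreach $classentry (sort @classes) {
    @classline = split( /\;/, $classentry );
    next unless $qossettings{'IMQ_DEV'} eq $classline[0];

    $qossettings{'DEVICE'} = $classline[0];
    $qossettings{'CLASS'} = $classline[1];
    $qossettings{'PRIO'} = $classline[2];
    $qossettings{'RATE'} = $classline[3];
    $qossettings{'CEIL'} = $classline[4];
    $qossettings{'BURST'} = $classline[5];
    $qossettings{'CBURST'} = $classline[6];

    print "\ttc class add dev $qossettings{'DEVICE'} parent 2:1 classid 2:$qossettings{'CLASS'} htb rate $qossettings{'RATE'}kbit ceil $qossettings{'CEIL'}kbit prio $qossettings{'PRIO'} ";
    if ($qossettings{'BURST'} > 0) {
        print "burst $qossettings{'BURST'}k ";
    }
    if (($qossettings{'CBURST'} ne '') && ($qossettings{'CBURST'} ne 0)) {
        print "cburst $qossettings{'CBURST'}k";
    }
    print "\n";
}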
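# One "tc class add" line per subclass entry of the IMQ device, attached below
# its parent class 2:<CLASS>.
# Fixes two defects of the earlier version of this loop:
#  - the cburst test used "||" and was therefore always true; it now uses "&&";
#  - the value printed was CBURST (left over from the last class entry)
#    instead of the subclass's own SCBURST.
# Fields are written into the shell script verbatim and unquoted, so whatever
# writes the subclasses file has to restrict them to plain numbers/names.
foreach $subclassentry (sort @subclasses) {
    @subclassline = split( /\;/, $subclassentry );
    next unless $qossettings{'IMQ_DEV'} eq $subclassline[0];

    $qossettings{'DEVICE'} = $subclassline[0];
    $qossettings{'CLASS'} = $subclassline[1];
    $qossettings{'SCLASS'} = $subclassline[2];
    $qossettings{'SPRIO'} = $subclassline[3];
    $qossettings{'SRATE'} = $subclassline[4];
    $qossettings{'SCEIL'} = $subclassline[5];
    $qossettings{'SBURST'} = $subclassline[6];
    $qossettings{'SCBURST'} = $subclassline[7];

    print "\ttc class add dev $qossettings{'DEVICE'} parent 2:$qossettings{'CLASS'} classid 2:$qossettings{'SCLASS'} htb rate $qossettings{'SRATE'}kbit ceil $qossettings{'SCEIL'}kbit prio $qossettings{'SPRIO'} ";
    if ($qossettings{'SBURST'} > 0) {
        print "burst $qossettings{'SBURST'}k ";
    }
    if (($qossettings{'SCBURST'} ne '') && ($qossettings{'SCBURST'} ne 0)) {
        print "cburst $qossettings{'SCBURST'}k";
    }
    print "\n";
}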
406
# Attach an SFQ qdisc to every class and subclass of the IMQ device; the
# qdisc handle is the class (or subclass) number itself.
print "\n\t### ATTACH QDISC TO LEAF CLASSES\n";
foreach $classentry (sort @classes) {
    @classline = split( /\;/, $classentry );
    next if $qossettings{'IMQ_DEV'} ne $classline[0];

    @qossettings{ 'DEVICE', 'CLASS' } = @classline[ 0, 1 ];
    print "\ttc qdisc add dev " . $qossettings{'DEVICE'}
        . " parent 2:" . $qossettings{'CLASS'}
        . " handle " . $qossettings{'CLASS'}
        . ": sfq perturb " . $qossettings{'SFQ_PERTUB'} . "\n";
}
foreach $subclassentry (sort @subclasses) {
    @subclassline = split( /\;/, $subclassentry );
    next if $qossettings{'IMQ_DEV'} ne $subclassline[0];

    @qossettings{ 'DEVICE', 'SCLASS' } = @subclassline[ 0, 2 ];
    print "\ttc qdisc add dev " . $qossettings{'DEVICE'}
        . " parent 2:" . $qossettings{'SCLASS'}
        . " handle " . $qossettings{'SCLASS'}
        . ": sfq perturb " . $qossettings{'SFQ_PERTUB'} . "\n";
}
# Emit the "fw" filters of the IMQ device: a packet whose firewall mark equals
# a class (or subclass) number is steered into the flow of the same number.
print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
foreach $classentry (sort @classes) {
    @classline = split( /\;/, $classentry );
    next unless $qossettings{'IMQ_DEV'} eq $classline[0];

    @qossettings{ 'DEVICE', 'CLASS' } = @classline[ 0, 1 ];
    print "\ttc filter add dev " . $qossettings{'DEVICE'}
        . " parent 2:0 prio 0 protocol ip handle " . $qossettings{'CLASS'}
        . " fw flowid 2:" . $qossettings{'CLASS'} . "\n";
}
foreach $subclassentry (sort @subclasses) {
    @subclassline = split( /\;/, $subclassentry );
    next unless $qossettings{'IMQ_DEV'} eq $subclassline[0];

    @qossettings{ 'DEVICE', 'CLASS', 'SCLASS' } = @subclassline[ 0, 1, 2 ];
    print "\ttc filter add dev " . $qossettings{'DEVICE'}
        . " parent 2:" . $qossettings{'CLASS'}
        . " prio 0 protocol ip handle " . $qossettings{'SCLASS'}
        . " fw flowid 2:" . $qossettings{'SCLASS'} . "\n";
}
# Emit the incoming-side iptables setup: create the QOS-INC chain, append the
# rule that hands traffic arriving on the RED device to IMQ device 0, and
# insert a jump to QOS-INC for the same traffic at the head of PREROUTING.
# The heading written into the script still says QOS-OUT although the chain
# created here is QOS-INC.
print <<END

 ### ADD QOS-OUT CHAIN TO THE MANGLE TABLE IN IPTABLES
 iptables -t mangle -N QOS-INC
 iptables -t mangle -A PREROUTING -i $qossettings{'RED_DEV'} -j IMQ --todev 0
 iptables -t mangle -I PREROUTING -i $qossettings{'RED_DEV'} -j QOS-INC


 ### SET LEVEL7-RULES
END
;
# Layer-7 rules of the IMQ device: every entry yields a MARK rule and a RETURN
# rule in QOS-INC that share the same match (optional source and destination
# address plus the layer7 protocol name).
# NOTE(review): the rules match "-i <IMQ device>", while the script enters
# QOS-INC from PREROUTING with "-i <RED device>" -- confirm that these rules
# can match at that point.
# The fields are copied into the shell script verbatim and unquoted, so the
# code that writes the level7config file has to restrict them to valid
# addresses and protocol names; nothing is checked here.
foreach $l7ruleentry (sort @l7rules) {
    @l7ruleline = split( /\;/, $l7ruleentry );
    next unless $l7ruleline[1] eq $qossettings{'IMQ_DEV'};

    @qossettings{qw(CLASS DEVICE L7PROT QIP DIP)} = @l7ruleline[ 0 .. 4 ];

    # Build the shared match once; the two rules differ only in their target.
    my $match = "\tiptables -t mangle -A QOS-INC -i $qossettings{'DEVICE'} ";
    $match .= "-s $qossettings{'QIP'} " if $qossettings{'QIP'} ne '';
    $match .= "-d $qossettings{'DIP'} " if $qossettings{'DIP'} ne '';
    $match .= "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} ";

    print $match . "-j MARK --set-mark $qossettings{'CLASS'}\n";
    print $match . "-j RETURN\n";
}
483
# Port rules of the IMQ device: every entry yields a MARK rule and a RETURN
# rule in QOS-INC. Source/destination address and ports are optional;
# "-m multiport" is added as soon as either port field is set.
# The fields are copied into the shell script verbatim and unquoted, so the
# code that writes the portconfig file has to restrict them to valid
# addresses, protocols and port lists; nothing is checked here.
print "\n\t### SET PORT-RULES\n";
foreach $portruleentry (sort @portrules) {
    @portruleline = split( /\;/, $portruleentry );
    next unless $portruleline[1] eq $qossettings{'IMQ_DEV'};

    @qossettings{qw(CLASS DEVICE PPROT QIP QPORT DIP DPORT)} = @portruleline[ 0 .. 6 ];

    # Build the shared match once; the two rules differ only in their target.
    my $match = "\tiptables -t mangle -A QOS-INC -i $qossettings{'DEVICE'} ";
    $match .= "-s $qossettings{'QIP'} " if $qossettings{'QIP'} ne '';
    $match .= "-d $qossettings{'DIP'} " if $qossettings{'DIP'} ne '';
    $match .= "-p $qossettings{'PPROT'} ";
    $match .= "-m multiport "
        if ( $qossettings{'QPORT'} ne '' ) || ( $qossettings{'DPORT'} ne '' );
    $match .= "--sport $qossettings{'QPORT'} " if $qossettings{'QPORT'} ne '';
    $match .= "--dport $qossettings{'DPORT'} " if $qossettings{'DPORT'} ne '';

    print $match . "-j MARK --set-mark $qossettings{'CLASS'}\n";
    print $match . "-j RETURN\n\n";
}
535
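# Emit the tail of the generated script: the end of "start" (unmarked incoming
# packets get the default incoming class), the "clear" action and the "gen"
# action.
# Fix in "clear": the jump into QOS-INC is inserted by "start" with
# "-i <RED device>", but was deleted here with "-i <IMQ device>". That delete
# matches no rule, so the jump stayed in PREROUTING and the later
# "--delete-chain QOS-INC" could not remove a chain that was still referenced.
# The delete now names the RED device, mirroring the insert.
# NOTE(review): "gen" redirects this script's output straight into qos.sh; if
# generation dies part-way (e.g. a rule file cannot be read) a truncated
# script is left in place. Writing to a temporary file and renaming it on
# success would avoid that.
print <<END;

	### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
	iptables -t mangle -A QOS-INC -i $qossettings{'IMQ_DEV'} -m mark --mark 0 -j MARK --set-mark $qossettings{'DEFCLASS_INC'}

	echo "Quality of Service was successfully started!"
	exit 0
  ;;
  clear)
	### RESET EVERYTHING TO A KNOWN STATE
	# DELETE QDISCS
	tc qdisc del dev $qossettings{'RED_DEV'} root
	tc qdisc del dev $qossettings{'IMQ_DEV'} root
	# REMOVE & FLUSH CHAINS
	iptables -t mangle --delete POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-OUT
	iptables -t mangle --flush QOS-OUT
	iptables -t mangle --delete-chain QOS-OUT
	iptables -t mangle --delete PREROUTING -i $qossettings{'RED_DEV'} -j QOS-INC
	iptables -t mangle --flush QOS-INC
	iptables -t mangle --delete-chain QOS-INC
	# STOP IMQ-DEVICE
	ip link set $qossettings{'IMQ_DEV'} down
	iptables -t mangle --delete PREROUTING -i $qossettings{'RED_DEV'} -j IMQ --todev 0
	rmmod imq
	rmmod sch_htb
	## rmmod ipt_IMQ # Doesn't work :(
	echo "Quality of Service was successfully cleared!"
  ;;
  gen)
	echo -n "Generateing the QoS-Scripts..."
	/usr/bin/perl /var/ipfire/qos/bin/makeqosscripts.pl > /var/ipfire/qos/bin/qos.sh
	echo ".Done!"
	exit 0
  ;;
esac
### EOF
END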
574
575############################################################################################################################
576############################################################################################################################
577