#!/bin/sh RATE_TOT=256kbit # 32 kbps SERVERS=192kbiti # 24 kbps WEB=128kbit # Mark 5 16 kbps FTP=64kbit # Mark 4 8 kbps LAN=64kbit # 8 kbps USERS=32kbit # BOUNDED 4 kbps PROXY=24kbit # Mark 1 3 kbps NON_PROXY=8kbit # Mark 3 1 kbps MANAGERS=32kbit # Mark 2 4 kbps FTP_IP="1.1.1.1" WEB_IP="1.1.1.2" DEV="dev eth0" OPTION="allot 1514 maxburst 20 avpkt 1000 prio 3" tc qdisc del $DEV root handle 10: tc qdisc add $DEV root handle 10: cbq bandwidth 10mbit avpkt 1000 tc class add $DEV parent 10:0 classid 10:2 cbq bandwidth 10mbit rate $RATE_TOT $OPTION bounded tc qdisc add $DEV parent 10:2 handle 20: cbq bandwidth $RATE_TOT allot 1514 avpkt 1000 tc class add $DEV parent 20: classid 20:10 cbq bandwidth $RATE_TOT rate $SERVERS $OPTION tc class add $DEV parent 20: classid 20:20 cbq bandwidth $RATE_TOT rate $LAN $OPTION tc qdisc add $DEV parent 20:10 handle 210: cbq bandwidth $SERVERS allot 1514 avpkt 1000 tc class add $DEV parent 210: classid 210:10 cbq bandwidth $SERVERS rate $FTP $OPTION tc class add $DEV parent 210: classid 210:20 cbq bandwidth $SERVERS rate $WEB $OPTION tc qdisc add $DEV parent 20:20 handle 220: cbq bandwidth $LAN allot 1514 avpkt 1000 tc class add $DEV parent 220: classid 220:10 cbq bandwidth $LAN rate $USERS $OPTION bounded tc qdisc add $DEV parent 220:10 handle 2210: cbq bandwidth $USERS allot 1514 avpkt 1000 tc class add $DEV parent 2210: classid 2210:10 cbq bandwidth $USERS rate $PROXY $OPTION tc class add $DEV parent 2210: classid 2210:20 cbq bandwidth $USERS rate $NON_PROXY $OPTION tc class add $DEV parent 220: classid 220:20 cbq bandwidth $LAN rate $MANAGERS $OPTION tc filter add $DEV parent 10: protocol ip prio 3 handle 1 fw classid 10:2 tc filter add $DEV parent 10: protocol ip prio 3 handle 3 fw classid 10:2 tc filter add $DEV parent 10: protocol ip prio 3 handle 2 fw classid 10:2 tc filter add $DEV parent 10: protocol ip prio 3 handle 4 fw classid 10:2 tc filter add $DEV parent 10: protocol ip prio 3 handle 5 fw classid 10:2 tc filter add $DEV parent 20: protocol ip prio 3 handle 1 fw classid 20:20 tc filter add $DEV parent 20: protocol ip prio 3 handle 3 fw classid 20:20 tc filter add $DEV parent 20: protocol ip prio 3 handle 2 fw classid 20:20 tc filter add $DEV parent 20: protocol ip prio 3 handle 4 fw classid 20:10 tc filter add $DEV parent 20: protocol ip prio 3 handle 5 fw classid 20:10 tc filter add $DEV parent 220: protocol ip prio 3 handle 1 fw classid 220:10 tc filter add $DEV parent 220: protocol ip prio 3 handle 3 fw classid 220:10 tc filter add $DEV parent 220: protocol ip prio 3 handle 2 fw classid 220:20 tc filter add $DEV parent 210: protocol ip prio 3 handle 4 fw classid 210:10 tc filter add $DEV parent 210: protocol ip prio 3 handle 5 fw classid 210:20 tc filter add $DEV parent 2210: protocol ip prio 3 handle 1 fw classid 2210:10 tc filter add $DEV parent 2210: protocol ip prio 3 handle 3 fw classid 2210:20 iptables -F iptables -X iptables -N acc_0 iptables -N acc_1 iptables -N acc_2 iptables -N acc_3 iptables -N acc_4 iptables -A OUTPUT -t mangle -p tcp --dport 2001 -j MARK --set-mark 1 iptables -A OUTPUT -t mangle -p tcp --dport 2002 -j MARK --set-mark 2 iptables -A OUTPUT -t mangle -p tcp --dport 2003 -j MARK --set-mark 3 iptables -A OUTPUT -t mangle -p tcp --dport 2004 -j MARK --set-mark 4 iptables -A OUTPUT -t mangle -p tcp --dport 2005 -j MARK --set-mark 5 iptables -A OUTPUT -p tcp --dport 2001 -j acc_0 iptables -A OUTPUT -p tcp --dport 2002 -j acc_1 iptables -A OUTPUT -p tcp --dport 2003 -j acc_2 iptables -A OUTPUT -p tcp --dport 2004 -j acc_3 iptables -A OUTPUT -p tcp --dport 2005 -j acc_4