#Apaga a classe root.
tc qdisc del root dev eth0
##Criação das classes em eth0
tc qdisc add dev eth0 root handle 1: htb default 30
##Definicao das classes filhas
tc class add dev eth0 parent 1: classid 1:1 htb rate 1000kbit ceil 1000kbit
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 700kbit ceil 1000kbit prio 1
tc class add dev eth0 parent 1:1 classid 1:20 htb rate 200kbit ceil 1000kbit prio 2
tc class add dev eth0 parent 1:1 classid 1:30 htb rate 100kbit ceil 1000kbit prio 3
##Otimiza a disputa das filas com sqf
tc qdisc add dev eth0 parent 1:10 handle 10: sfq quantum 1514 perturb 10
tc qdisc add dev eth0 parent 1:20 handle 20: sfq quantum 1514 perturb 10
tc qdisc add dev eth0 parent 1:30 handle 30: sfq quantum 1514 perturb 10
#Marca pacotes
iptables -t mangle -A PREROUTING -p tcp -m multiport –dport 443,25,110 -j MARK –set-mark 1
iptables -t mangle -A PREROUTING -p tcp -m multiport –sport 443,25,110 -j MARK –set-mark 1
iptables -t mangle -A PREROUTING -p icmp -d 189.84.20.51 -j MARK –set-mark 1
iptables -t mangle -A PREROUTING -p icmp -s 189.84.20.51 -j MARK –set-mark 1
iptables -t mangle -A PREROUTING -p udp -d 189.84.20.51 -j MARK –set-mark 1
iptables -t mangle -A PREROUTING -p udp -s 189.84.20.51 -j MARK –set-mark 1
iptables -t mangle -A PREROUTING -p tcp -d 189.84.20.51 -j MARK –set-mark 1
iptables -t mangle -A PREROUTING -p tcp -s 189.84.20.51 -j MARK –set-mark 1
#Pacotes com tamanho até 60000 bytes em http na porta 80 tcp
iptables -t mangle -A PREROUTING -p tcp -m tcp –dport 80 -m length –length 1:60000 -j MARK –set-mark 1
iptables -t mangle -A PREROUTING -p tcp -m tcp –sport 80 -m length –length 1:60000 -j MARK –set-mark 1
#Pacotes icmp
iptables -t mangle -A PREROUTING -p icmp -j MARK –set-mark 2
iptables -t mangle -A PREROUTING -p udp -j MARK –set-mark 2
#Classifica os pacotes para caírem em suas respectivas classes criadas
iptables -t mangle -A POSTROUTING -o eth0 -m mark –mark 1 -j CLASSIFY –set-class 1:10
iptables -t mangle -A POSTROUTING -o eth0 -m mark –mark 2 -j CLASSIFY –set-class 1:20
iptables -t mangle -A POSTROUTING -o eth0 -m mark –mark 3 -j CLASSIFY –set-class 1:30
2 comentários escritos ↓
1 jeferson // Jan 30, 2009 at 21:29
muito legal… mas ficou faltando explicar ne…
2 Marcelo Santana // Jan 31, 2009 at 10:13
Realmente, se quiser mais detalhes fique a vontade. meu msn é mlsantana@yahoo.com
Deixe um comentário