Changeset 9679928e3424ddb216ce7cb6ae23351b51728b78
- Timestamp:
- 05/30/09 06:29:48 (3 years ago)
- Author:
- Neutron Soutmun <neo.neutron@…>
- Children:
- 96808c5450804cf9cc6a590500ccce6131c2b937
- Parents:
- a0fbd8081aad14716555b28cab27c19b76973eea
- git-committer:
- Neutron Soutmun <neo.neutron@…> (05/30/09 06:29:48)
- Message:
-
Adjust firewall script, handle bittorrent throttle
- The firewall script now handle bittorrent throttle properly.
- Adjust the priority of the throttle filter which more important over
the users' session filter.
- Location:
- tools
- Files:
-
Legend:
- Unmodified
- Added
- Removed
-
|
rae7e7e4
|
r9679928
|
|
| 79 | 79 | $TC qdisc add dev $SHAPING_DOWN_INF parent 1:${BITTORRENT_ID} \ |
| 80 | 80 | handle ${BITTORRENT_ID}: sfq perturb 10 |
| 81 | | $TC filter add dev $SHAPING_DOWN_INF parent 1: protocol ip prio 5 \ |
| | 81 | $TC filter add dev $SHAPING_DOWN_INF parent 1: protocol ip prio 1 \ |
| 82 | 82 | handle 0x3 fw classid 1:${BITTORRENT_ID} |
| 83 | 83 | |
| … |
… |
|
| 87 | 87 | $TC qdisc add dev $SHAPING_UP_INF parent 2:${BITTORRENT_ID} \ |
| 88 | 88 | handle ${BITTORRENT_ID}: sfq perturb 10 |
| 89 | | $TC filter add dev $SHAPING_UP_INF parent 2: protocol ip prio 5 \ |
| | 89 | $TC filter add dev $SHAPING_UP_INF parent 2: protocol ip prio 1 \ |
| 90 | 90 | handle 0x3 fw classid 2:${BITTORRENT_ID} |
| 91 | 91 | ;; |
| … |
… |
|
| 143 | 143 | classid 1:${ID} htb rate ${DOWNSPEED}bit ceil ${DOWNSPEED}bit |
| 144 | 144 | $TC filter add dev $SHAPING_DOWN_INF parent 1: \ |
| 145 | | protocol ip prio 1 u32 match ip dst ${IP}/32 flowid 1:${ID} |
| | 145 | protocol ip prio 2 u32 match ip dst ${IP}/32 flowid 1:${ID} |
| 146 | 146 | |
| 147 | 147 | # Uplink |
| … |
… |
|
| 149 | 149 | classid 2:${ID} htb rate ${UPSPEED}bit ceil ${UPSPEED}bit |
| 150 | 150 | $TC filter add dev $SHAPING_UP_INF parent 2: \ |
| 151 | | protocol ip prio 1 u32 match ip src ${IP}/32 flowid 2:${ID} |
| | 151 | protocol ip prio 2 u32 match ip src ${IP}/32 flowid 2:${ID} |
| 152 | 152 | } |
| 153 | 153 | |
| … |
… |
|
| 161 | 161 | UP_HANDLE=`$TC filter show dev $SHAPING_UP_INF | grep -w "flowid 2:${ID} " | awk '{print $10}'` |
| 162 | 162 | $TC filter del dev $SHAPING_DOWN_INF parent 1: \ |
| 163 | | prio 1 handle ${DOWN_HANDLE} u32 |
| | 163 | prio 2 handle ${DOWN_HANDLE} u32 |
| 164 | 164 | $TC filter del dev $SHAPING_UP_INF parent 2: \ |
| 165 | | prio 1 handle ${UP_HANDLE} u32 |
| | 165 | prio 2 handle ${UP_HANDLE} u32 |
| 166 | 166 | |
| 167 | 167 | # Class Removal |
-
|
raace70f
|
r9679928
|
|
| 485 | 485 | # bittorrent-announce is customized pattern, warning if not exists. |
| 486 | 486 | ## |
| 487 | | if [ "$BITTORRENT" = "yes" -o -n "$BITTORRENT_ALLOW" ]; then |
| | 487 | if [ "$BITTORRENT" = "yes" ] || [ -n "$BITTORRENT_ALLOW" ]; then |
| 488 | 488 | if [ -n "$BITTORRENT_ALLOW" ]; then |
| 489 | 489 | BITTORRENT_ALLOW_OPTIONS="-m set ! --set $P2P_ALLOW_SET" |
| … |
… |
|
| 493 | 493 | $IPTABLES -t mangle -A $CHAIN_MANGLE_PREROUTING -m layer7 --l7proto bittorrent $BITTORRENT_ALLOW_OPTIONS src -j DROP |
| 494 | 494 | fi |
| 495 | | else |
| | 495 | elif [ "$BITTORRENT" = "block" ]; then |
| 496 | 496 | $IPTABLES -t mangle -A $CHAIN_MANGLE_PREROUTING -m layer7 --l7proto bittorrent-announce -j DROP |
| 497 | 497 | $IPTABLES -t mangle -A $CHAIN_MANGLE_PREROUTING -m layer7 --l7proto bittorrent -j DROP |
