Written by DjTremors   
Tuesday, 15 November 2005
Here's a new script I've worked on. I think it's a lot better than the old one, so I hope it is of some educational use to somebody. Note that this is bandwidth shaping only, not a firewall: traffic is classified by port numbers, which the remote side chooses, so don't treat the classes as a security control.
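#!/bin/bash
#
# htbshaper - HTB traffic shaping for a three-NIC router.
#
# Usage:
#   htbshaper          shape LAN/wireless/internet devices, no IMQ
#   htbshaper on       the same, plus an IMQ device (imq0) for inbound HTTP
#   htbshaper off      tear everything down and exit
#
# Any argument other than "off" enables IMQ (kept for compatibility with the
# original: "on" is the documented value).  Must be run as root - every
# tc/iptables/modprobe call below needs it.
#
# Caveats a reader should know before copying this:
#   * Classification is by port number.  The *source* port of an inbound
#     packet is chosen by the remote peer, so anyone can claim the SSH or
#     HTTP class; the "-m state --state RELATED" rules also match more than
#     FTP data (e.g. ICMP errors).  This is bandwidth management, not access
#     control - never rely on these marks for anything security-relevant.
#   * Teardown flushes the whole mangle/FORWARD chain, not just our rules.
#     Anything else living there is lost on every run.
#   * IMQ is an out-of-tree kernel patch (not mainline); the "on" mode only
#     works on a kernel and iptables build that carry it.
#
# tc qdisc ... dev dev ( parent classid | root) [ handle major: ] htb [ default minor-id ]
# tc class ... dev dev parent major:[minor] [ classid major:minor ] htb rate rate [ ceil rate ] burst bytes [ cburst bytes ] [ prio priority ]

set -u

# Internal Device
INTDEV=eth0

# Wireless Device
ADMDEV=eth1

# Internet Device
EXTDEV=eth3

# IMQ device and its --todev index (only used in "on" mode)
IMQDEV=imq0
IMQNUM=0

MODE="${1-}"

if [ "$(id -u)" -ne 0 ]; then
        echo "htbshaper: must be run as root" >&2
        exit 1
fi

# ---------------------------------------------------------------------------
# Teardown - always runs, so the script is safe to re-run.
# ---------------------------------------------------------------------------

# NOTE: this flushes every rule in mangle/FORWARD, not only ours.
iptables -t mangle -F FORWARD

# Remove the PREROUTING rules "on" mode installs.  The original script never
# cleaned these up, so each re-run stacked another IMQ rule in front of the
# chain.  -D removes one matching rule per call; loop until none is left.
# This must happen before rmmod, otherwise the target keeps the module busy.
while iptables -t mangle -D PREROUTING -i "$EXTDEV" -p tcp --sport 80 -j MARK --set-mark 150 2>/dev/null; do :; done
while iptables -t mangle -D PREROUTING -i "$EXTDEV" -j IMQ --todev "$IMQNUM" 2>/dev/null; do :; done

# Deleting a root qdisc that does not exist is an error we deliberately ignore.
for dev in "$INTDEV" "$ADMDEV" "$EXTDEV" "$IMQDEV"; do
        tc qdisc del dev "$dev" root 2>/dev/null
done

ip link set "$IMQDEV" down 2>/dev/null
rmmod imq 2>/dev/null

if [ "$MODE" = "off" ]; then
        exit 0
fi

IMQON=""
if [ -n "$MODE" ]; then
        IMQON=1
fi

if [ -n "$IMQON" ]; then
        # Without the module the imq0 tc/iptables commands below all fail,
        # so a load failure is fatal rather than silently ignored.
        if ! modprobe imq numdevs=1; then
                echo "htbshaper: cannot load the imq module (is the IMQ patch applied?)" >&2
                exit 1
        fi
        if ! ip link set "$IMQDEV" up; then
                echo "htbshaper: cannot bring $IMQDEV up" >&2
                exit 1
        fi
        echo "IMQ Devices On!"
fi

# ---------------------------------------------------------------------------
# $INTDEV - LAN (traffic leaving the router towards the LAN, i.e. inbound)
# ---------------------------------------------------------------------------
# Marks 1xx select class 1:xx via the fw classifier.
# NOTE(review): "default 30" sends every unmarked packet into the VPN class
# 1:30; the "Other" class 1:100 may have been intended - confirm before
# changing, it alters who shares which bucket.
        tc qdisc add dev "$INTDEV" root handle 1: htb default 30
        tc class add dev "$INTDEV" parent 1:  classid 1:1   htb rate 1900kbit burst 2500b
        tc class add dev "$INTDEV" parent 1:1 classid 1:10  htb rate  100kbit ceil  300kbit burst 2500 # SSH
        tc class add dev "$INTDEV" parent 1:1 classid 1:20  htb rate  200kbit ceil 1000kbit burst 2500 # SMTP
        tc class add dev "$INTDEV" parent 1:1 classid 1:30  htb rate  500kbit ceil 1000kbit burst 2500 # VPN
        tc class add dev "$INTDEV" parent 1:1 classid 1:40  htb rate  100kbit ceil  150kbit burst 2500 # DNS
        # 1:50 HTTP(S) lives on the IMQ device when IMQ is on; on $INTDEV
        # mark 150 therefore has no class and falls through to the default.
        #tc class add dev "$INTDEV" parent 1:1 classid 1:50  htb rate  200kbit ceil 1900kbit burst 2500 # HTTP(S)
        tc class add dev "$INTDEV" parent 1:1 classid 1:60  htb rate  200kbit ceil  500kbit burst 2500 # FTP
        tc class add dev "$INTDEV" parent 1:1 classid 1:70  htb rate  100kbit ceil 1000kbit burst 2500 # WKS
        tc class add dev "$INTDEV" parent 1:1 classid 1:100 htb rate  200kbit ceil  500kbit burst 2500 # Other

        # One SFQ per leaf so flows inside a class share it fairly.
        tc qdisc add dev "$INTDEV" parent 1:10  handle 110: sfq perturb 10
        tc qdisc add dev "$INTDEV" parent 1:20  handle 120: sfq perturb 10
        tc qdisc add dev "$INTDEV" parent 1:30  handle 130: sfq perturb 10
        tc qdisc add dev "$INTDEV" parent 1:40  handle 140: sfq perturb 10
        #tc qdisc add dev "$INTDEV" parent 1:50  handle 150: sfq perturb 10
        tc qdisc add dev "$INTDEV" parent 1:60  handle 160: sfq perturb 10
        tc qdisc add dev "$INTDEV" parent 1:70  handle 170: sfq perturb 10
        tc qdisc add dev "$INTDEV" parent 1:100 handle 100: sfq perturb 10

        tc filter add dev "$INTDEV" parent 1:0 prio 0 protocol ip handle 110 fw flowid 1:10
        tc filter add dev "$INTDEV" parent 1:0 prio 0 protocol ip handle 120 fw flowid 1:20
        tc filter add dev "$INTDEV" parent 1:0 prio 0 protocol ip handle 130 fw flowid 1:30
        tc filter add dev "$INTDEV" parent 1:0 prio 0 protocol ip handle 140 fw flowid 1:40
        #tc filter add dev "$INTDEV" parent 1:0 prio 0 protocol ip handle 150 fw flowid 1:50
        tc filter add dev "$INTDEV" parent 1:0 prio 0 protocol ip handle 160 fw flowid 1:60
        tc filter add dev "$INTDEV" parent 1:0 prio 0 protocol ip handle 170 fw flowid 1:70
        tc filter add dev "$INTDEV" parent 1:0 prio 0 protocol ip handle 100 fw flowid 1:100

        if [ -n "$IMQON" ]; then
                # The IMQ device needs its own root qdisc and parent class
                # before 1:50 can hang off it; the original attached 1:50 to
                # a parent that did not exist on imq0.  No "default" here:
                # traffic that is not classified leaves via the root
                # unshaped instead of being squeezed into the HTTP class.
                # The 1900kbit root mirrors the LAN root - tune to the link.
                tc qdisc add dev "$IMQDEV" root handle 1: htb
                tc class add dev "$IMQDEV" parent 1:  classid 1:1   htb rate 1900kbit burst 2500
                tc class add dev "$IMQDEV" parent 1:1 classid 1:50  htb rate  200kbit ceil 1900kbit burst 2500 # HTTP(S)
                tc qdisc add dev "$IMQDEV" parent 1:50  handle 150: sfq perturb 10
                tc filter add dev "$IMQDEV" parent 1:0 prio 0 protocol ip handle 150 fw flowid 1:50
                # Belt and braces: also classify by source port directly on
                # the IMQ device, in case the mark is not visible there.
                tc filter add dev "$IMQDEV" parent 1:0 protocol ip prio 1 u32 match ip sport 80 0xffff flowid 1:50

                # Mark first, then hand the packet to IMQ: the fw classifier
                # reads the mark when the packet is enqueued on imq0, so a
                # MARK rule placed after the IMQ target is too late.
                # (The original used "-A PREROUTING -t nat -t mangle", which
                # iptables rejects as multiple -t flags.)
                iptables -t mangle -A PREROUTING -i "$EXTDEV" -p tcp --sport 80 -j MARK --set-mark 150 # HTTP
                iptables -t mangle -A PREROUTING -i "$EXTDEV" -j IMQ --todev "$IMQNUM"
        fi

        # LAN - [ IN ] SERVERS  # 50kbits -> 100kbit
        # Source-port matches below are spoofable by the remote peer.
        iptables -t mangle -A FORWARD -i "$EXTDEV" -o "$INTDEV" -p tcp --sport 22 -j MARK --set-mark 110 # SSH
        iptables -t mangle -A FORWARD -i "$EXTDEV" -o "$INTDEV" -d 10.10.0.60 -p tcp --dport 25 -j MARK --set-mark 120 # SMTP
        iptables -t mangle -A FORWARD -i "$EXTDEV" -o "$INTDEV" -d 10.10.0.60 -p tcp --dport 1723 -j MARK --set-mark 130 # VPN (PPTP)
        iptables -t mangle -A FORWARD -i "$EXTDEV" -o "$INTDEV" -d 10.10.0.60 -p 47 -j MARK --set-mark 130 # VPN (GRE)
        iptables -t mangle -A FORWARD -i "$EXTDEV" -o "$INTDEV" -d 10.10.0.60 -p udp --dport 53 -j MARK --set-mark 140 # DNS
        iptables -t mangle -A FORWARD -i "$EXTDEV" -o "$INTDEV" -p tcp --sport 443 -j MARK --set-mark 150 # HTTPS
        # RELATED is wider than FTP data (ICMP errors, other helpers).
        iptables -t mangle -A FORWARD -i "$EXTDEV" -o "$INTDEV" -m state --state RELATED -j MARK --set-mark 160 # FTP

        # LAN - [ IN ] WORKSTATIONS # 200kbit ->  500kbit
        # Appended last, so it overrides any server mark for this subnet.
        iptables -t mangle -A FORWARD -i "$EXTDEV" -o "$INTDEV" -d 10.10.0.64/26 -j MARK --set-mark 170

# ---------------------------------------------------------------------------
# $ADMDEV - Wireless
# ---------------------------------------------------------------------------
# Nothing sets mark 210 below, so all wireless-bound traffic takes default 2:10.
        tc qdisc add dev "$ADMDEV" root handle 2: htb default 10
        tc class add dev "$ADMDEV" parent 2:  classid 2:1  htb rate 1000kbit burst 2500
        tc class add dev "$ADMDEV" parent 2:1 classid 2:10 htb rate  200kbit ceil 1000kbit burst 2500

        tc qdisc add dev "$ADMDEV" parent 2:10  handle 210: sfq perturb 10

        tc filter add dev "$ADMDEV" parent 2:0 prio 0 protocol ip handle 210 fw flowid 2:10

        # WIRELESS - [ IN ] WORKSTATIONS # 200kbit -> 1000kbit

# ---------------------------------------------------------------------------
# $EXTDEV - Internet (outbound)
# ---------------------------------------------------------------------------
# No "default": forwarded traffic is always marked below (300 as catch-all);
# the router's own locally generated traffic is unmarked and goes unshaped.
        tc qdisc add dev "$EXTDEV" root handle 3: htb # default 20
        tc class add dev "$EXTDEV" parent 3:  classid 3:1   htb rate 1800kbit burst 2500
        tc class add dev "$EXTDEV" parent 3:1 classid 3:10  htb rate  200kbit ceil 1000kbit burst 2500    # SMTP
        tc class add dev "$EXTDEV" parent 3:1 classid 3:20  htb rate  500kbit ceil 1500kbit burst 2500    # VPN
        tc class add dev "$EXTDEV" parent 3:1 classid 3:30  htb rate  100kbit ceil  150kbit burst 2500    # DNS
        tc class add dev "$EXTDEV" parent 3:1 classid 3:40  htb rate  300kbit ceil 1500kbit burst 2500    # HTTP(S)
        tc class add dev "$EXTDEV" parent 3:1 classid 3:50  htb rate  200kbit ceil  800kbit burst 2500    # FTP
        tc class add dev "$EXTDEV" parent 3:1 classid 3:100 htb rate  200kbit ceil  200kbit burst 2500    # Other

        tc qdisc add dev "$EXTDEV" parent 3:10  handle 210: sfq perturb 10
        tc qdisc add dev "$EXTDEV" parent 3:20  handle 220: sfq perturb 10
        tc qdisc add dev "$EXTDEV" parent 3:30  handle 230: sfq perturb 10
        tc qdisc add dev "$EXTDEV" parent 3:40  handle 240: sfq perturb 10
        tc qdisc add dev "$EXTDEV" parent 3:50  handle 250: sfq perturb 10
        tc qdisc add dev "$EXTDEV" parent 3:100 handle 200: sfq perturb 10

        tc filter add dev "$EXTDEV" parent 3:0 prio 0 protocol ip handle 310 fw flowid 3:10
        tc filter add dev "$EXTDEV" parent 3:0 prio 0 protocol ip handle 320 fw flowid 3:20
        tc filter add dev "$EXTDEV" parent 3:0 prio 0 protocol ip handle 330 fw flowid 3:30
        tc filter add dev "$EXTDEV" parent 3:0 prio 0 protocol ip handle 340 fw flowid 3:40
        tc filter add dev "$EXTDEV" parent 3:0 prio 0 protocol ip handle 350 fw flowid 3:50
        tc filter add dev "$EXTDEV" parent 3:0 prio 0 protocol ip handle 300 fw flowid 3:100

# LAN - [ OUT ] SERVERS  # 50kbits -> 100kbit
        iptables -t mangle -A FORWARD -i "$INTDEV" -o "$EXTDEV" -p tcp --dport 25 -j MARK --set-mark 310 # SMTP
        iptables -t mangle -A FORWARD -i "$INTDEV" -o "$EXTDEV" -p tcp --sport 110 -j MARK --set-mark 310 # POP3 replies
        iptables -t mangle -A FORWARD -i "$INTDEV" -o "$EXTDEV" -p 47 -j MARK --set-mark 320 # VPN (GRE)
        iptables -t mangle -A FORWARD -i "$INTDEV" -o "$EXTDEV" -s 10.10.0.60 -p udp --sport 53 -j MARK --set-mark 330 # DNS
        iptables -t mangle -A FORWARD -i "$INTDEV" -o "$EXTDEV" -p tcp --sport 80 -j MARK --set-mark 340 # HTTP
        iptables -t mangle -A FORWARD -i "$INTDEV" -o "$EXTDEV" -p tcp --sport 443 -j MARK --set-mark 340 # HTTPS
        iptables -t mangle -A FORWARD -i "$INTDEV" -o "$EXTDEV" -m state --state RELATED -j MARK --set-mark 350 # FTP

        # LAN - [ OUT ] WORKSTATIONS # 200kbit ->  500kbit
        # Catch-all for anything the server rules above left unmarked.
        iptables -t mangle -A FORWARD -i "$INTDEV" -o "$EXTDEV" -m mark --mark 0 -j MARK --set-mark 300

        # WIRELESS - [ OUT ] WORKSTATIONS # 200kbit ->  500kbit
        iptables -t mangle -A FORWARD -i "$ADMDEV" -o "$EXTDEV" -j MARK --set-mark 300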

Last Updated ( Friday, 02 March 2007 )
 