Changeset 112


Ignore:
Timestamp:
Nov 9, 2008, 8:05:48 PM (16 years ago)
Author:
george
Message:
  • Opraveno: Korekce systémových skriptů po aktualizaci Centrály
Location:
system
Files:
6 edited

Legend:

Unmodified
Added
Removed

  • system/backup/backup-move.php

    r39 r112  
    11<?php
    22$i = 10; // Počet záloh
    3 $path='/mnt/backup/';
     3$path='/a/backup/system/';
    44$file='backup';
    55$ext='.tgz';

  • system/backup/do-backup.php

    r103 r112  
    11<?php
    2 include('/a/www/centrala/global.php');
     2chdir('/a/www/centrala');
     3include('global.php');
    34$Database->select_db('backup');
    45

  • system/generators/dns.php

    r103 r112  
    22include_once('/a/www/centrala/global.php');
    33
    4 //$Serial = '2007070601';  // Should be changed on every change
    54$Serial = date('Ymds', time());
    65$ExternalServerName = 'gw-hajda.inext.cz';
     6$MinimumTime = 7200;
    77$RetryTime = 7200;
    88$ExpireTime = 2419200;
    9 
     9$RefreshTime = 28800;
     10$BaseDir = '/var/named/chroot/var/named/';
    1011// === Local network DNS server ===
    1112
    1213// Generate DNS records
    13 $File = fopen('/a/config/named_internal/var/named/zdechov.net.zone', 'w');
     14$File = fopen($BaseDir.'internal/zdechov.net.zone', 'w');
    1415fputs($File,'$ORIGIN zdechov.net.'."\n".
    1516'$TTL 86400'."\n".
    1617"zdechov.net.\tIN\tSOA\tcentrala.zdechov.net.\troot.centrala.zdechov.net.       (\n".
    1718"\t\t\t".$Serial."\t; serial\n".
    18 "\t\t\t28800\t; refresh\n".
    19 "\t\t\t14400\t; retry\n".
    20 "\t\t\t3600000\t; expire\n".
     19"\t\t\t".$RefreshTime."\t; refresh\n".
     20"\t\t\t".$RetryTime."\t; retry\n".
     21"\t\t\t".$ExpireTime."\t; expire\n".
    2122"\t\t\t86400\t; ttl\n".
    2223"\t\t\t)\n".
     
    5859{
    5960  $Parts = explode('.', $Network);
    60   $File = fopen('/a/config/named_internal/var/named/'.$Parts[2].'.'.$Parts[1].'.'.$Parts[0].'.in-addr.arpa.zone', 'w+');
     61  $File = fopen($BaseDir.'internal/'.$Parts[2].'.'.$Parts[1].'.'.$Parts[0].'.in-addr.arpa.zone', 'w+');
    6162  fputs($File,
    6263  '$TTL 86400'."\n".
    6364  "@\tIN\tSOA\tcentrala.zdechov.net.\troot.centrala.zdechov.net.        (\n".
    64   "\t\t\t\t".$Serial." ; serial\n".
    65         "\t\t\t\t28800 ; refresh\n".
    66   "\t\t\t\t14400 ; retry\n".
    67   "\t\t\t\t3600000 ; expire\n".
     65  "\t\t\t\t".$Serial."\t; serial\n".
     66  "\t\t\t\t".$RefreshTime."\t; refresh\n".
     67  "\t\t\t\t".$RetryTime."\t; retry\n".
     68  "\t\t\t\t".$ExpireTime."\t; expire\n".
    6869  "\t\t\t\t86400 ; ttl\n".
    6970  "\t\t\t\t)\n".
     
    8384{
    8485  $Parts = explode('.', $Network);
    85   $File = fopen('/a/config/named_internal/var/named/'.$Parts[2].'.'.$Parts[1].'.'.$Parts[0].'.in-addr.arpa.zone', 'w+');
     86  $File = fopen($BaseDir.'internal/'.$Parts[2].'.'.$Parts[1].'.'.$Parts[0].'.in-addr.arpa.zone', 'w+');
    8687  fputs($File,
    8788  '$TTL 86400'."\n".
    8889  "@\tIN\tSOA\tcentrala.zdechov.net.\troot.centrala.zdechov.net.        (\n".
    89   "\t\t\t\t".$Serial." ; serial\n".
    90         "\t\t\t\t28800 ; refresh\n".
    91   "\t\t\t\t14400 ; retry\n".
    92   "\t\t\t\t3600000 ; expire\n".
     90  "\t\t\t\t".$Serial."\t; serial\n".
     91  "\t\t\t\t".$RefreshTime."\t; refresh\n".
     92  "\t\t\t\t".$RetryTime."\t; retry\n".
     93  "\t\t\t\t".$ExpireTime."\t; expire\n".
    9394  "\t\t\t\t86400 ; ttl\n".
    9495  "\t\t\t\t)\n".
     
    106107
    107108// Generate DNS records
    108 $File = fopen('/a/config/named_external/var/named/zdechov.net.zone', 'w');
     109$File = fopen($BaseDir.'external/zdechov.net.zone', 'w');
    109110$Header = '$ORIGIN zdechov.net.'."\n".
    110111'$TTL 86400'."\n".
    111112"zdechov.net.\tIN\tSOA\t".$ExternalServerName.".\troot.centrala.zdechov.net.    (\t\n".
    112113"\t\t\t".$Serial."\t; serial\n".
    113 "\t\t\t28800\t; refresh\n".
     114"\t\t\t".$RefreshTime."\t; refresh\n".
    114115"\t\t\t".$RetryTime."\t; retry\n".
    115116"\t\t\t".$ExpireTime."\t; expire\n".
     
    136137{
    137138  $Data = strtolower($Alias['name']);
    138   if(strlen($Data)<8) $Data .= "\t";
     139  if(strlen($Data) < 8) $Data .= "\t";
    139140  fputs($File, $Data."\tIN\tCNAME\t".$Alias['target']."\n");
    140141}
     
    147148{
    148149  $Parts = explode('.', $Network);
    149   $File = fopen('/a/config/named_external/var/named/'.$Parts[2].'.'.$Parts[1].'.'.$Parts[0].'.in-addr.arpa.zone', 'w+');
     150  $File = fopen($BaseDir.'external/'.$Parts[2].'.'.$Parts[1].'.'.$Parts[0].'.in-addr.arpa.zone', 'w+');
    150151  fputs($File,
    151152  '$TTL 86400'."\n".
    152153  "@\tIN\tSOA\t".$ExternalServerName.".\troot.centrala.zdechov.net.     (\n".
    153   "\t\t\t\t".$Serial." ; serial\n".
    154         "\t\t\t\t28800 ; refresh\n".
    155   "\t\t\t\t".$RetryTime." ; retry\n".
    156   "\t\t\t\t".$ExpireTime." ; expire\n".
     154  "\t\t\t\t".$Serial."\t; serial\n".
     155  "\t\t\t\t".$RefreshTime."\t; refresh\n".
     156  "\t\t\t\t".$RetryTime."\t; retry\n".
     157  "\t\t\t\t".$ExpireTime."\t; expire\n".
    157158  "\t\t\t\t86400 ; ttl\n".
    158159  "\t\t\t\t)\n".
     
    174175
    175176// Generate DNS records
    176 $File = fopen('/a/config/named_czfree/var/named/zdechov.zlin.czf.zone', 'w');
    177 $File2 = fopen('/a/config/named_internal/var/named/zdechov.zlin.czf.zone', 'w');
     177$File = fopen($BaseDir.'czfree/zdechov.zlin.czf.zone', 'w');
     178$File2 = fopen($BaseDir.'internal/zdechov.zlin.czf.zone', 'w');
    178179
    179180$Header = '$ORIGIN zdechov.zlin.czf.'."\n".
     
    181182$Domain.".\tIN\tSOA\t".$Nameserver.".".$Domain.".\troot.".$Nameserver.".".$Domain."     (\n".
    182183"\t\t\t".$Serial."\t; serial\n".
    183 "\t\t\t28800\t; refresh\n".
    184 "\t\t\t".$RetryTime."\t; retry\n".
    185 "\t\t\t3600000\t; expire\n".
     184"\t\t\t".$RefreshTime."\t; refresh\n".
     185"\t\t\t".$RetryTime."\t; retry\n".
     186"\t\t\t".$ExpireTime."\t; expire\n".
    186187"\t\t\t86400\t; ttl\n".
    187188"\t\t\t)\n".
     
    197198$Domain.".\tIN\tSOA\t".$Nameserver.".".$Domain.".\troot.".$Nameserver.".".$Domain."     (\n".
    198199"\t\t\t".$Serial."\t; serial\n".
    199 "\t\t\t28800\t; refresh\n".
    200 "\t\t\t14400\t; retry\n".
    201 "\t\t\t3600000\t; expire\n".
    202 "\t\t\t86400\t; ttl\n".
     200"\t\t\t".$RefreshTime."\t; refresh\n".
     201"\t\t\t".$RetryTime."\t; retry\n".
     202"\t\t\t".$ExpireTime."\t; expire\n".
    203203"\t\t\t)\n".
    204204"\t\t\tTXT\t".'"Community network ZdechovNET"'."\n".
     
    237237{
    238238  $Parts = explode('.', $Network);
    239   $File = fopen('/a/config/named_czfree/var/named/'.$Parts[2].'.'.$Parts[1].'.'.$Parts[0].'.in-addr.arpa.zone', 'w+');
    240   $File2 = fopen('/a/config/named_internal/var/named/'.$Parts[2].'.'.$Parts[1].'.'.$Parts[0].'.in-addr.arpa.zone', 'w+');
     239  $File = fopen($BaseDir.'czfree/'.$Parts[2].'.'.$Parts[1].'.'.$Parts[0].'.in-addr.arpa.zone', 'w+');
     240  $File2 = fopen($BaseDir.'internal/'.$Parts[2].'.'.$Parts[1].'.'.$Parts[0].'.in-addr.arpa.zone', 'w+');
    241241  $Nameserver = 'centrala';
    242242  $Header = '$TTL 86400'."\n".
    243243  "@\tIN\tSOA\t".$Nameserver.".".$Domain.".\troot.".$Nameserver.".".$Domain.".  (\n".
    244   "\t\t\t\t".$Serial." ; serial\n".
    245         "\t\t\t\t28800 ; refresh\n".
    246   "\t\t\t\t14400 ; retry\n".
    247   "\t\t\t\t3600000 ; expire\n".
     244  "\t\t\t\t".$Serial."\t; serial\n".
     245  "\t\t\t\t".$RefreshTime."\t; refresh\n".
     246  "\t\t\t\t".$RetryTime."\t; retry\n".
     247  "\t\t\t\t".$ExpireTime."\t; expire\n".
    248248  "\t\t\t\t86400 ; ttl\n".
    249249  "\t\t\t\t)\n".
     
    255255  $Header = '$TTL 86400'."\n".
    256256  "@\tIN\tSOA\t".$Nameserver.".".$Domain.".\troot.".$Nameserver.".".$Domain.".  (\n".
    257   "\t\t\t\t".$Serial." ; serial\n".
    258         "\t\t\t\t28800 ; refresh\n".
    259   "\t\t\t\t14400 ; retry\n".
    260   "\t\t\t\t3600000 ; expire\n".
     257  "\t\t\t\t".$Serial."\t; serial\n".
     258  "\t\t\t\t".$RefreshTime."\t; refresh\n".
     259  "\t\t\t\t".$RetryTime."\t; retry\n".
     260  "\t\t\t\t".$ExpireTime."\t; expire\n".
    261261  "\t\t\t\t86400 ; ttl\n".
    262262  "\t\t\t\t)\n".

  • system/generators/iptables.php

    r103 r112  
    88//    exec('/sbin/iptables -t nat -A Block -p tcp --destination-port 80 -j REDIRECT --to-ports 3128');
    99
     10
     11
     12/*
    1013// Blocking according IP address
    1114$DbResult = $Database->select('users', '*', 'inet = 0');
     
    1821  }
    1922}
    20 $DbResult = $Database->select('users', '*', 'inet = 1'); 
     23$DbResult = $Database->select('users', '*', 'inet = 1');
    2124while($User = $DbResult->fetch_array())
    2225{
     
    2831}
    2932
     33*/
     34
    3035// Blocking according MAC address
    31 $DbResult = $Database->select('users', '*'); 
     36$DbResult = $Database->select('users', '*');
    3237while($User = $DbResult->fetch_array())
    3338{
     
    3944    if($User['inet'] == 0)
    4045    {
    41       if(($Row['block'] == 0) and ($Row['type'] == 1)) exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
    42         else exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Local");
     46      //if(($Row['block'] == 0) and ($Row['type'] == 1)) exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
     47      //    else exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Local");
    4348    } else {
    4449      if($Row['vpn'] == 0)
     
    4651        $CZFreeLocalIP = $Row['IP'];
    4752        //echo($Row['external_ip']."\n");
    48         if($Row['name'] == 'TBC')
    49         {
    50           exec('/sbin/iptables -t nat -A PreroutingDNAT -m tcp -p tcp --dport 3724 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP'].':3725'); 
    51           exec('/sbin/iptables -t nat -A POSTROUTING -m tcp -p tcp -s '.$Row['IP'].' --sport 3725 -o eth1 -j SNAT --to-source '.$Row['external_ip'].':3724'); 
    52         }
     53        //if($Row['name'] == 'TBC')
     54        //{
     55        //  exec('/sbin/iptables -t nat -A PreroutingDNAT -m tcp -p tcp --dport 3724 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP'].':3725');
     56        //  exec('/sbin/iptables -t nat -A POSTROUTING -m tcp -p tcp -s '.$Row['IP'].' --sport 3725 -o eth1 -j SNAT --to-source '.$Row['external_ip'].':3724');
     57        //}
    5358        if(strtolower($Row['name']) != 'centrala')
    5459        {
    5560          if($Row['external_ip'] != '')
    5661          {
    57             exec('/sbin/iptables -t nat -A PreroutingDNAT -i eth1 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']); 
    58             exec('/sbin/iptables -t nat -A PreroutingDNAT -i eth1 -d '.$Row['external_ip'].' -j ACCEPT'); 
    59             exec('/sbin/iptables -t nat -A POSTROUTING -s '.$Row['IP'].' -o eth1 -j SNAT --to-source '.$Row['external_ip']); 
     62            exec('/sbin/iptables -t nat -A PreroutingDNAT -i eth1 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']);
     63            exec('/sbin/iptables -t nat -A PreroutingDNAT -i eth1 -d '.$Row['external_ip'].' -j ACCEPT');
     64            exec('/sbin/iptables -t nat -A POSTROUTING -s '.$Row['IP'].' -o eth1 -j SNAT --to-source '.$Row['external_ip']);
    6065          }
    61           exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
     66          //exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
    6267        }
    6368      }
    64       else 
     69      else
    6570      {
    6671        $CZFreeLocalIP = $Row['external_ip'];
    6772 //echo('vpn');
    68         //exec('/sbin/iptables -t nat -A PreroutingDNAT -s '.$Row['IP'].' -p udp -m udp --dport 55556 -j DROP'); 
    69         if($Row['external_ip'] != '') exec('/sbin/iptables -t nat -A PreroutingDNAT -d '.$Row['external_ip'].' -j ACCEPT'); 
     73        //exec('/sbin/iptables -t nat -A PreroutingDNAT -s '.$Row['IP'].' -p udp -m udp --dport 55556 -j DROP');
     74        if($Row['external_ip'] != '') exec('/sbin/iptables -t nat -A PreroutingDNAT -d '.$Row['external_ip'].' -j ACCEPT');
    7075        exec('/sbin/iptables -t nat -A Block -s '.ToVpnIp($Row)." -j Proxy");
    7176
    72         if($Row['vpn'] == 1)
    73         {
    74           exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Local");
    75         } else if($Row['vpn'] == 2) exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
     77        //if($Row['vpn'] == 1)
     78        //{
     79          //exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Local");
     80        //} else if($Row['vpn'] == 2) exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
    7681      }
    7782      if($Row['czfree_ip'] != '')
    7883      {
    7984        // CZFree
    80         exec('/sbin/iptables -t nat -A PreroutingDNAT -i tun0 -d '.$Row['czfree_ip'].' -j DNAT --to-destination '.$CZFreeLocalIP); 
    81         exec('/sbin/iptables -t nat -A PreroutingDNAT -i tun0 -d '.$Row['czfree_ip'].' -j ACCEPT'); 
    82         exec('/sbin/iptables -t nat -A POSTROUTING -s '.$CZFreeLocalIP.' -o tun0 -j SNAT --to-source '.$Row['czfree_ip']); 
     85        exec('/sbin/iptables -t nat -A PreroutingDNAT -i tun0 -d '.$Row['czfree_ip'].' -j DNAT --to-destination '.$CZFreeLocalIP);
     86        exec('/sbin/iptables -t nat -A PreroutingDNAT -i tun0 -d '.$Row['czfree_ip'].' -j ACCEPT');
     87        exec('/sbin/iptables -t nat -A POSTROUTING -s '.$CZFreeLocalIP.' -o tun0 -j SNAT --to-source '.$Row['czfree_ip']);
    8388      }
    8489    }
     
    8792}
    8893
     94
    8995// SMTP NAT port 25
    90 $DbResult = $Database->select('hosts', '*', 'name="MAIL"');
     96$DbResult = $Database->select('hosts', '*', 'name="mail"');
    9197$Row = $DbResult->fetch_array();
    92 exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d 212.111.4.174 -j DROP'); 
    93 exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']); 
    94 exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j ACCEPT'); 
    95 exec('/sbin/iptables -t nat -A POSTROUTING -p tcp -m tcp --dport 25 -s 212.111.4.174 -o eth1 -j SNAT --to-source '.$Row['external_ip']); 
     98exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d 212.111.4.174 -j DROP');
     99exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']);
     100exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j ACCEPT');
     101exec('/sbin/iptables -t nat -A POSTROUTING -p tcp -m tcp --dport 25 -s 212.111.4.174 -o eth1 -j SNAT --to-source '.$Row['external_ip']);
    96102
    97103// Local network NAT
    98 $DbResult = $Database->select('hosts', '*', 'name="GATE"');
     104$DbResult = $Database->select('hosts', '*', 'name="gate"');
    99105$Row = $DbResult->fetch_array();
    100106exec('/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/255.255.0.0 -o eth1 -j SNAT --to-source '.$Row['external_ip']);

  • system/generators/traffic_shaping.php

    r111 r112  
    2323$VoipSpeedIn = 100; //$SpeedReserve;
    2424$VoipSpeedOut = 100; //$SpeedReserve;
     25$InetInterface = 'eth1';
     26$OutInterface = 'eth1';
     27$InInterface = 'ifb0';
    2528$FreeInetSpeed = 64;
    2629
     
    3639  if($Enabled)
    3740  {
    38     exec('/sbin/iptables -t mangle -A FORWARD -j MARK --set-mark 0');
    39     exec('/sbin/iptables -t mangle -i eth1 -A FORWARD -j MARK --set-mark 1');
    40     exec('/sbin/iptables -t mangle -o eth1 -A FORWARD -j MARK --set-mark 1');
     41    //exec('/sbin/iptables -t mangle -A FORWARD -j MARK --set-mark 0');
     42    //exec('/sbin/iptables -t mangle -i eth1 -A FORWARD -j MARK --set-mark 1');
     43    //exec('/sbin/iptables -t mangle -o eth1 -A FORWARD -j MARK --set-mark 1');
    4144  }
    4245
     
    4447 
    4548  // In going traffic
    46   fputs($File, "/sbin/tc qdisc del dev imq0 root\n");
     49  fputs($File, "/sbin/tc qdisc del dev ".$InInterface." root\n");
    4750  if($Enabled)
    4851  {
    49     fputs($File, "/sbin/tc qdisc add dev imq0 root handle 1:0 htb default 2\n");
     52    fputs($File, "/sbin/tc qdisc add dev ".$InInterface." root handle 1:0 htb default 2\n");
    5053    fputs($FileClassInfo, "1:1 Základní\n");
    51     fputs($File, "/sbin/tc class add dev imq0 parent 1:0 classid 1:1 htb rate ".$TotalMaxSpeedIn."kbit quantum 1500\n");
     54    fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:0 classid 1:1 htb rate ".$TotalMaxSpeedIn."kbit quantum 1500\n");
    5255    fputs($FileClassInfo, "1:2 Internet zdarma\n");
    53     fputs($File, "/sbin/tc class add dev imq0 parent 1:1 classid 1:".$FreeInetClass." htb rate ".$FreeInetSpeed."kbit prio 3 quantum 1500\n");
    54     fputs($File, "/sbin/tc qdisc add dev imq0 parent 1:".$FreeInetClass." handle ".$FreeInetClass.": sfq perturb 10\n");
     56    fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:1 classid 1:".$FreeInetClass." htb rate ".$FreeInetSpeed."kbit prio 3 quantum 1500\n");
     57    fputs($File, "/sbin/tc qdisc add dev ".$InInterface." parent 1:".$FreeInetClass." handle ".$FreeInetClass.": sfq perturb 10\n");
    5558  }
    5659  // Out going traffic
    57   fputs($File, "/sbin/tc qdisc del dev imq1 root\n");
     60  fputs($File, "/sbin/tc qdisc del dev ".$OutInterface." root\n");
    5861  if($Enabled)
    5962  {
    60     fputs($File, "/sbin/tc qdisc add dev imq1 root handle 1:0 htb default 2\n");
    61     fputs($File, "/sbin/tc class add dev imq1 parent 1:0 classid 1:1 htb rate ".$TotalMaxSpeedOut."kbit quantum 1500\n");
    62     fputs($File, "/sbin/tc class add dev imq1 parent 1:1 classid 1:".$FreeInetClass." htb rate ".$FreeInetSpeed."kbit prio 3 quantum 1500\n");
    63     fputs($File, "/sbin/tc qdisc add dev imq1 parent 1:".$FreeInetClass." handle ".$FreeInetClass.": sfq perturb 10\n");
     63    fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." root handle 1:0 htb default 2\n");
     64    fputs($FileClassInfo, "1:1 Základní\n");
     65    fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:0 classid 1:1 htb rate ".$TotalMaxSpeedOut."kbit quantum 1500\n");
     66    fputs($FileClassInfo, "1:2 Internet zdarma\n");
     67    fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:1 classid 1:".$FreeInetClass." htb rate ".$FreeInetSpeed."kbit prio 3 quantum 1500\n");
     68    fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." parent 1:".$FreeInetClass." handle ".$FreeInetClass.": sfq perturb 10\n");
    6469  }
    6570 
     
    7681
    7782  // VoIP in going traffic
    78   fputs($File, "/sbin/tc class add dev imq0 parent 1:1 classid 1:".$VoipClassId." htb rate ".$VoipSpeedIn."kbit ceil ".$VoipMaxSpeedIn."kbit quantum 12000 burst 6k cburst 3k prio ".$Prio."\n");
    79   fputs($File, "/sbin/tc qdisc add dev imq0 parent 1:".$VoipClassId." handle ".$VoipClassId.": sfq perturb 10\n");
    80   fputs($File, "/sbin/tc filter add dev imq0 parent 1:0 protocol ip handle ".$VoipClassId." fw flowid 1:".$VoipClassId."\n");
     83  fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:1 classid 1:".$VoipClassId." htb rate ".$VoipSpeedIn."kbit ceil ".$VoipMaxSpeedIn."kbit quantum 12000 burst 6k cburst 3k prio ".$Prio."\n");
     84  fputs($File, "/sbin/tc qdisc add dev ".$InInterface." parent 1:".$VoipClassId." handle ".$VoipClassId.": sfq perturb 10\n");
     85  fputs($File, "/sbin/tc filter add dev ".$InInterface." parent 1:0 protocol ip handle ".$VoipClassId." fw flowid 1:".$VoipClassId."\n");
    8186  // VoIP out going traffic
    82   fputs($File, "/sbin/tc class add dev imq1 parent 1:1 classid 1:".$VoipClassId." htb rate ".$VoipSpeedOut."kbit ceil ".$VoipMaxSpeedOut."kbit quantum 12000 burst 6k cburst 3k prio ".$Prio."\n");
    83   fputs($File, "/sbin/tc qdisc add dev imq1 parent 1:".$VoipClassId." handle ".$VoipClassId.": sfq perturb 10\n");
    84   fputs($File, "/sbin/tc filter add dev imq1 parent 1:0 protocol ip handle ".$VoipClassId." fw flowid 1:".$VoipClassId."\n");
     87  fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:1 classid 1:".$VoipClassId." htb rate ".$VoipSpeedOut."kbit ceil ".$VoipMaxSpeedOut."kbit quantum 12000 burst 6k cburst 3k prio ".$Prio."\n");
     88  fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." parent 1:".$VoipClassId." handle ".$VoipClassId.": sfq perturb 10\n");
     89  fputs($File, "/sbin/tc filter add dev ".$OutInterface." parent 1:0 protocol ip handle ".$VoipClassId." fw flowid 1:".$VoipClassId."\n");
    8590  fputs($FileClassInfo, '1:'.$VoipClassId." VoIP\n");
    8691
     
    97102  $AllUsersClassId = $ClassId;
    98103  $ClassId = $ClassId + 1;
    99   fputs($File, "/sbin/tc class add dev imq0 parent 1:1 classid 1:".$AllUsersClassId." htb rate ".$UsersMaxSpeedIn."kbit prio 1 quantum 1500\n");
    100   fputs($File, "/sbin/tc class add dev imq1 parent 1:1 classid 1:".$AllUsersClassId." htb rate ".$UsersMaxSpeedOut."kbit prio 1 quantum 1500\n");
    101   fputs($FileClassInfo, '1:'.$AllUsersClassId." Všichni uživatelé\n");
     104  fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:1 classid 1:".$AllUsersClassId." htb rate ".$UsersMaxSpeedIn."kbit prio 1 quantum 1500\n");
     105  fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:1 classid 1:".$AllUsersClassId." htb rate ".$UsersMaxSpeedOut."kbit prio 1 quantum 1500\n");
     106  fputs($FileClassInfo, '1:'.$AllUsersClassId." Všichni uivatelé");
    102107
    103108  // Torrent sharing
     
    108113
    109114  // Torrent out going traffic
    110   fputs($File, "/sbin/tc class add dev imq1 parent 1:".$AllUsersClassId." classid 1:".$TorrentClassId." htb rate ".$TorrentSpeedOut."kbit ceil ".$UsersMaxSpeedOut."kbit prio ".$Prio." quantum 1500\n");
    111   fputs($File, "/sbin/tc qdisc add dev imq1 parent 1:".$TorrentClassId." handle ".$TorrentClassId.":0 sfq perturb 10\n");
    112   fputs($File, "/sbin/tc filter add dev imq1 parent 1:0 protocol ip handle ".$TorrentClassId." fw flowid 1:".$TorrentClassId."\n");
     115  fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:".$AllUsersClassId." classid 1:".$TorrentClassId." htb rate ".$TorrentSpeedOut."kbit ceil ".$UsersMaxSpeedOut."kbit prio ".$Prio." quantum 1500\n");
     116  fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." parent 1:".$TorrentClassId." handle ".$TorrentClassId.":0 sfq perturb 10\n");
     117  fputs($File, "/sbin/tc filter add dev ".$OutInterface." parent 1:0 protocol ip handle ".$TorrentClassId." fw flowid 1:".$TorrentClassId."\n");
    113118  fputs($FileClassInfo, '1:'.$TorrentClassId." Torrent\n");
    114119  // Torrent in going traffic
    115   fputs($File, "/sbin/tc class add dev imq0 parent 1:".$AllUsersClassId." classid 1:".$TorrentClassId." htb rate ".$TorrentSpeedOut."kbit ceil ".$UsersMaxSpeedOut."kbit prio ".$Prio." quantum 1500\n");
    116   fputs($File, "/sbin/tc qdisc add dev imq0 parent 1:".$TorrentClassId." handle ".$TorrentClassId.":0 sfq perturb 10\n");
    117   fputs($File, "/sbin/tc filter add dev imq0 parent 1:0 protocol ip handle ".$TorrentClassId." fw flowid 1:".$TorrentClassId."\n");
     120  fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:".$AllUsersClassId." classid 1:".$TorrentClassId." htb rate ".$TorrentSpeedOut."kbit ceil ".$UsersMaxSpeedOut."kbit prio ".$Prio." quantum 1500\n");
     121  fputs($File, "/sbin/tc qdisc add dev ".$InInterface." parent 1:".$TorrentClassId." handle ".$TorrentClassId.":0 sfq perturb 10\n");
     122  fputs($File, "/sbin/tc filter add dev ".$InInterface." parent 1:0 protocol ip handle ".$TorrentClassId." fw flowid 1:".$TorrentClassId."\n");
    118123  fputs($FileClassInfo, '1:'.$TorrentClassId." Torrent\n");
    119124
     
    130135
    131136    fputs($File, "# === ".$User['fullname']." ===\n");
    132     fputs($File, "/sbin/tc class add dev imq0 parent 1:".$AllUsersClassId." classid 1:".$UserClassId." htb rate ".$SpeedIn."bit ceil ".$UserMaxSpeedIn."bit prio 1 quantum ".$Quantum."\n");
    133     //fputs($File, "/sbin/tc qdisc add dev imq0 parent 1:".$UserClassId." handle ".$UserClassId.":0 htb r2q 10\n");
    134     //fputs($File, "/sbin/tc class add dev imq0 parent ".$UserClassId.":0 classid ".$UserClassId.":".$UserClassId." htb rate ".$UserMaxSpeedIn."bit prio 1\n");
    135     fputs($File, "/sbin/tc class add dev imq1 parent 1:".$AllUsersClassId." classid 1:".$UserClassId." htb rate ".$SpeedOut."bit ceil ".$UserMaxSpeedOut."bit prio 1 quantum ".$Quantum."\n");
    136     //fputs($File, "/sbin/tc qdisc add dev imq1 parent 1:".$UserClassId." handle ".$UserClassId.":0 htb r2q 10\n");
    137     //fputs($File, "/sbin/tc class add dev imq1 parent ".$UserClassId.":0 classid ".$UserClassId.":".$UserClassId." htb rate ".$UserMaxSpeedOut."bit prio 1\n");
     137    fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:".$AllUsersClassId." classid 1:".$UserClassId." htb rate ".$SpeedIn."bit ceil ".$UserMaxSpeedIn."bit prio 1 quantum ".$Quantum."\n");
     138    //fputs($File, "/sbin/tc qdisc add dev ".$InInterface." parent 1:".$UserClassId." handle ".$UserClassId.":0 htb r2q 10\n");
     139    //fputs($File, "/sbin/tc class add dev ".$InInterface." parent ".$UserClassId.":0 classid ".$UserClassId.":".$UserClassId." htb rate ".$UserMaxSpeedIn."bit prio 1\n");
     140    fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:".$AllUsersClassId." classid 1:".$UserClassId." htb rate ".$SpeedOut."bit ceil ".$UserMaxSpeedOut."bit prio 1 quantum ".$Quantum."\n");
     141    //fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." parent 1:".$UserClassId." handle ".$UserClassId.":0 htb r2q 10\n");
     142    //fputs($File, "/sbin/tc class add dev ".$OutInterface." parent ".$UserClassId.":0 classid ".$UserClassId.":".$UserClassId." htb rate ".$UserMaxSpeedOut."bit prio 1\n");
    138143    fputs($FileClassInfo, '1:'.$UserClassId.' '.$User['fullname']."\n");
    139144
     
    168173        $SpeedDivider = 1;
    169174
    170               if($Host['name'] == 'CENTRALA')
     175              if($Host['name'] == 'centrala')
    171176              {
    172177                $Host['IP'] = $Host['external_ip'];
     
    180185              //if($Row['name'] == 'TERMINAL2') $Prio = 0;
    181186        //      if($Row['name'] = 'TERMINAL2') $Prio = 0;
    182         if($Host['name'] == 'VOIP-HAJDA') $Protocol = ' -p tcp';
     187        if($Host['name'] == 'voip-hajda') $Protocol = ' -p tcp';
    183188          else $Protocol = '';
    184189        //      if($Host['name'] == 'KARLOS') $UserMaxSpeedIn = 128000;
    185         if($Host['name'] == 'GAME')
     190        /*
     191if($Host['name'] == 'GAME')
    186192        {
    187193          exec('/sbin/iptables -t mangle -F game-server');       
    188194                $TableOut = 'game-server';
    189195                $TableIn = 'game-server';
    190         }
    191         if($Host['name'] == 'TBC') continue;
     196        }*/
     197        //if($Host['name'] == 'TBC') continue;
    192198
    193199        // In going traffic
    194         exec('/sbin/iptables -t mangle -A '.$TableIn.' -i eth1 -d '.$Host['IP'].$Protocol." -j MARK --set-mark ".$HostClassId);
    195               fputs($File, "/sbin/tc class add dev imq0 parent 1:".$UserClassId." classid 1:".$HostClassId." htb rate ".$HostSpeedIn."bit ceil ".$UserMaxSpeedIn."bit prio ".$Prio." quantum ".$Quantum."\n");
    196               fputs($File, "/sbin/tc qdisc add dev imq0 parent 1:".$HostClassId." handle ".$HostClassId.":0 sfq perturb 10\n");
    197             //fputs($File, "/sbin/tc filter add dev imq0 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$UserClassId."\n");
    198             fputs($File, "/sbin/tc filter add dev imq0 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$HostClassId."\n");
     200        //exec('/sbin/iptables -t mangle -A '.$TableIn.' -i eth1 -d '.$Host['IP'].$Protocol." -j MARK --set-mark ".$HostClassId);
     201              fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:".$UserClassId." classid 1:".$HostClassId." htb rate ".$HostSpeedIn."bit ceil ".$UserMaxSpeedIn."bit prio ".$Prio." quantum ".$Quantum."\n");
     202              fputs($File, "/sbin/tc qdisc add dev ".$InInterface." parent 1:".$HostClassId." handle ".$HostClassId.":0 sfq perturb 10\n");
     203            //fputs($File, "/sbin/tc filter add dev ".$InInterface." parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$UserClassId."\n");
     204            fputs($File, "/sbin/tc filter add dev ".$InInterface." parent 1:0 protocol ip prio 1 u32 match ip dst ".$Host['external_ip']."/32 flowid 1:".$HostClassId."\n");
    199205       
    200206        // Out going traffic
    201         exec('/sbin/iptables -t mangle -A '.$TableOut.' -o eth1 -s '.$Host['IP'].$Protocol." -j MARK --set-mark ".$HostClassId);
    202         fputs($File, "/sbin/tc class add dev imq1 parent 1:".$UserClassId." classid 1:".$HostClassId." htb rate ".$HostSpeedOut."bit ceil ".$UserMaxSpeedOut."bit prio ".$Prio." quantum ".$Quantum."\n");
    203               fputs($File, "/sbin/tc qdisc add dev imq1 parent 1:".$HostClassId." handle ".$HostClassId.":0 sfq perturb 10\n");
    204               //fputs($File, "/sbin/tc filter add dev imq1 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$UserClassId."\n");
    205               fputs($File, "/sbin/tc filter add dev imq1 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$HostClassId."\n");
     207        //exec('/sbin/iptables -t mangle -A '.$TableOut.' -o eth1 -s '.$Host['IP'].$Protocol." -j MARK --set-mark ".$HostClassId);
     208        fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:".$UserClassId." classid 1:".$HostClassId." htb rate ".$HostSpeedOut."bit ceil ".$UserMaxSpeedOut."bit prio ".$Prio." quantum ".$Quantum."\n");
     209              fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." parent 1:".$HostClassId." handle ".$HostClassId.":0 sfq perturb 10\n");
     210              //fputs($File, "/sbin/tc filter add dev ".$OutInterface." parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$UserClassId."\n");
     211              fputs($File, "/sbin/tc filter add dev ".$OutInterface." parent 1:0 protocol ip prio 1 u32 match ip src ".$Host['external_ip']."/32 flowid 1:".$HostClassId."\n");
    206212               //echo($Row['id'].',');
    207213      }
     
    213219      }
    214220      // VoIP devices
     221/*
    215222      if(($Host['name'] == 'HAJDA-VOIP') || ($Host['name'] == 'NAVRATIL-VOIP'))
    216223      {
     
    260267       
    261268      }
    262      
    263      
     269*/
     270
    264271    }
    265272  }
    266273  //echo($Row['id'].',');
    267  
    268   }
    269  
     274
     275  }
     276
    270277  // In going traffic
    271278  // exec('/sbin/iptables -t mangle -A FORWARD -m mark --mark 1 -j LOG --log-prefix "TRAFFIC " --log-level info');
    272   exec('/sbin/iptables -t mangle -A FORWARD -i eth1 -j IMQ --todev 0');
    273   exec('/sbin/iptables -t mangle -A INPUT -i eth1 -j IMQ --todev 0');
     279  //exec('/sbin/iptables -t mangle -A FORWARD -i eth1 -j IMQ --todev 0');
     280  //exec('/sbin/iptables -t mangle -A INPUT -i eth1 -j IMQ --todev 0');
    274281  // Out going traffic
    275   exec('/sbin/iptables -t mangle -A FORWARD -o eth1 -j IMQ --todev 1');
    276   exec('/sbin/iptables -t mangle -A OUTPUT -o eth1 -j IMQ --todev 1');
    277   exec('/sbin/iptables-save >/etc/sysconfig/iptables');
     282  //exec('/sbin/iptables -t mangle -A FORWARD -o eth1 -j IMQ --todev 1');
     283  //exec('/sbin/iptables -t mangle -A OUTPUT -o eth1 -j IMQ --todev 1');
     284
     285  fputs($File, "\n# Interface redirection\n");
     286  fputs($File, "/sbin/tc qdisc del dev ".$InetInterface." ingress\n");
     287  fputs($File, "/sbin/tc qdisc add dev ".$InetInterface." ingress\n");
     288  fputs($File, "/sbin/tc filter add dev ".$InetInterface." parent ffff: protocol ip prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress redirect dev ifb0\n");
     289
     290  //fputs($File, "/sbin/tc qdisc del dev ".$InetInterface." root handle 1: htb default 10\n");
     291  //fputs($File, "/sbin/tc qdisc add dev ".$InetInterface." root handle 1: htb default 10\n");
     292  //fputs($File, "/sbin/tc filter add dev ".$InetInterface." parent 1: protocol ip prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress redirect dev ifb1\n");
     293
     294  //exec('/sbin/iptables-save >/etc/sysconfig//sbin/iptables');
    278295  fclose($File);
    279296  fclose($FileClassInfo);

  • system/statistic/traffic.php

    r111 r112  
    11<?php
    22
    3 include('../../html/global.php');
     3chdir('/a/www/centrala/');
     4include('global.php');
    45$Database->select_db('statistic');
    56$Config['Web']['ShowError'] = 1;
     
    144145
    145146  $Database->select_db('statistic');
    146   $HDD = round(disk_free_space('/')/1024);
    147   $HDD2 = round(disk_free_space('/mnt/sda1')/1024);
     147  $HDD = round(disk_free_space('/') / 1024);
     148  $HDD2 = round(disk_free_space('/mnt/Samsung500') / 1024);
    148149 
    149150  // Na�en�teploty
     
    185186    'ping_nix' => $Ping,
    186187    'inet_down' => $NetworkStat['eth1']['down_avg'], 'inet_up' => $NetworkStat['eth1']['up_avg'],
    187     'eth0_down' => $NetworkStat['eth0']['down_avg'], 'eth0_up' => $NetworkStat['eth0']['up_avg'],
     188    'eth0_down' => $NetworkStat['eth0']['down_avg'], 'eth0_up' => $NetworkStat['eth0']['up_avg']);
    188189//    'wlan0_down' => $NetworkStat['wlan0']['down_avg'], 'wlan0_up' => $NetworkStat['wlan0']['up_avg'],
    189190//    'wlan1_down' => $NetworkStat['wlan1']['down_avg'], 'wlan1_up' => $NetworkStat['wlan1']['up_avg'],
    190191//    'wlan2_down' => $NetworkStat['wlan2']['down_avg'], 'wlan2_up' => $NetworkStat['wlan2']['up_avg'],
    191     'eth2_down' => $NetworkStat['eth2']['down_avg'], 'eth2_up' => $NetworkStat['eth2']['up_avg']);
     192//    'eth2_down' => $NetworkStat['eth2']['down_avg'], 'eth2_up' => $NetworkStat['eth2']['up_avg']);
    192193  $Database->insert('traffic', $NewItem);
     194
    193195  //echo(serialize($NewItem)."\n");
    194196    //$LevelDivider = 10;
Note: See TracChangeset for help on using the changeset viewer.