- Timestamp:
- Dec 6, 2008, 12:01:57 PM (16 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
system/generators/traffic_shaping_routerboard.php
r120 r121 42 42 $Commands[] = ' /ip firewall mangle add chain=forward in-interface='.$InetInterface.' action=jump jump-target=inet-in'; 43 43 44 // Slow free internet45 $Commands[] = ' /queue tree add name=free-out limit-at='.$FreeInetSpeed.' max-limit='.$FreeInetSpeed.' parent=main-out packet-mark='.$PacketMark;46 $Commands[] = ' /ip firewall mangle add chain=inet-out out-interface='.$InetInterface.' action=mark-packet new-packet-mark='.$PacketMark;47 $PacketMark++;48 $Commands[] = ' /queue tree add name=free-in limit-at='.$FreeInetSpeed.' max-limit='.$FreeInetSpeed.' parent=main-in packet-mark='.$PacketMark;49 $Commands[] = ' /ip firewall mangle add chain=inet-in in-interface='.$InetInterface.' action=mark-packet new-packet-mark='.$PacketMark;50 $PacketMark++;51 52 44 // Divide rules by subnet number 53 45 foreach(array(0, 1, 2, 3, 4, 5, 7) as $Subnet) … … 56 48 $Commands[] = ' /ip firewall mangle add chain=inet-in dst-address=192.168.'.$Subnet.'.0/24 in-interface='.$InetInterface.' action=jump jump-target=inet-in-'.$Subnet; 57 49 } 50 51 // Slow free internet 52 $Commands[] = ' /queue tree add name=free-out limit-at='.$FreeInetSpeed.' max-limit='.$FreeInetSpeed.' parent=main-out packet-mark='.$PacketMark; 53 $Commands[] = ' /ip firewall mangle add chain=inet-out out-interface='.$InetInterface.' action=mark-packet new-packet-mark='.$PacketMark.' queue=wireless-default'; 54 $PacketMark++; 55 $Commands[] = ' /queue tree add name=free-in limit-at='.$FreeInetSpeed.' max-limit='.$FreeInetSpeed.' parent=main-in packet-mark='.$PacketMark.' queue=wireless-default'; 56 $Commands[] = ' /ip firewall mangle add chain=inet-in in-interface='.$InetInterface.' action=mark-packet new-packet-mark='.$PacketMark; 57 $PacketMark++; 58 58 59 59 60 // Process users … … 72 73 $UserMaxSpeedOut = round($Tarify[$User['inet_tarif_now']]['max_speed'] / $OutDivider); 73 74 $Quantum = $Tarify[$User['inet_tarif_now']]['speed_factor'] * 1500; 74 $Commands[] = ' /queue tree add name='.$User['fullname'].'-out limit-at='.$SpeedIn.' max-limit='.$UserMaxSpeedIn.' parent=main-out ';75 $Commands[] = ' /queue tree add name='.$User['fullname'].'-in limit-at='.$SpeedOut.' max-limit='.$UserMaxSpeedOut.' parent=main-in ';75 $Commands[] = ' /queue tree add name='.$User['fullname'].'-out limit-at='.$SpeedIn.' max-limit='.$UserMaxSpeedIn.' parent=main-out queue=wireless-default'; 76 $Commands[] = ' /queue tree add name='.$User['fullname'].'-in limit-at='.$SpeedOut.' max-limit='.$UserMaxSpeedOut.' parent=main-in queue=wireless-default'; 76 77 77 78 $DbResult2 = $Database->select('hosts', 'COUNT(*)', "block=0 AND MAC!='' AND user=".$User['id']); … … 89 90 $Subnet = $IPParts[2]; 90 91 $Commands[] = ' /ip firewall mangle add chain=inet-out-'.$Subnet.' src-address='.$Host['IP'].' out-interface='.$InetInterface.' action=mark-packet new-packet-mark='.$PacketMark.' passthrough=no'; 91 $Commands[] = ' /queue tree add name='.$Host['name'].'-out limit-at='.$HostSpeedIn.' max-limit='.$UserMaxSpeedIn.' parent='.$User['fullname'].'-out packet-mark='.$PacketMark ;92 $Commands[] = ' /queue tree add name='.$Host['name'].'-out limit-at='.$HostSpeedIn.' max-limit='.$UserMaxSpeedIn.' parent='.$User['fullname'].'-out packet-mark='.$PacketMark.' queue=wireless-default'; 92 93 $PacketMark++; 93 94 $Commands[] = ' /ip firewall mangle add chain=inet-in-'.$Subnet.' dst-address='.$Host['IP'].' in-interface='.$InetInterface.' action=mark-packet new-packet-mark='.$PacketMark.' passthrough=no'; 94 $Commands[] = ' /queue tree add name='.$Host['name'].'-in limit-at='.$HostSpeedOut.' max-limit='.$UserMaxSpeedOut.' parent='.$User['fullname'].'-in packet-mark='.$PacketMark ;95 $Commands[] = ' /queue tree add name='.$Host['name'].'-in limit-at='.$HostSpeedOut.' max-limit='.$UserMaxSpeedOut.' parent='.$User['fullname'].'-in packet-mark='.$PacketMark.' queue=wireless-default'; 95 96 $PacketMark++; 96 97 /* … … 119 120 array_pop($Output); 120 121 121 /*122 123 $FileClassInfo = fopen('/tmp/ClassInfo.txt', 'w+');124 $File = fopen('/a/bin/htb.sh', 'w+');125 fputs($File, "#!/bin/sh\n");126 exec('/sbin/iptables -t mangle -F FORWARD');127 exec('/sbin/iptables -t mangle -F INPUT');128 exec('/sbin/iptables -t mangle -F OUTPUT');129 exec('/sbin/iptables -t mangle -F PREROUTING');130 exec('/sbin/iptables -t mangle -F POSTROUTING');131 if($Enabled)132 {133 //exec('/sbin/iptables -t mangle -A FORWARD -j MARK --set-mark 0');134 //exec('/sbin/iptables -t mangle -i eth1 -A FORWARD -j MARK --set-mark 1');135 //exec('/sbin/iptables -t mangle -o eth1 -A FORWARD -j MARK --set-mark 1');136 }137 138 139 $FreeInetClass = 2;140 141 // In going traffic142 fputs($File, "/sbin/tc qdisc del dev ".$InInterface." root\n");143 if($Enabled)144 {145 fputs($File, "/sbin/tc qdisc add dev ".$InInterface." root handle 1:0 htb default 2\n");146 fputs($FileClassInfo, "1:1 Základní\n");147 fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:0 classid 1:1 htb rate ".$TotalMaxSpeedIn."kbit quantum 1500\n");148 fputs($FileClassInfo, "1:2 Internet zdarma\n");149 fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:1 classid 1:".$FreeInetClass." htb rate ".$FreeInetSpeed."kbit prio 3 quantum 1500\n");150 fputs($File, "/sbin/tc qdisc add dev ".$InInterface." parent 1:".$FreeInetClass." handle ".$FreeInetClass.": sfq perturb 10\n");151 }152 // Out going traffic153 fputs($File, "/sbin/tc qdisc del dev ".$OutInterface." root\n");154 if($Enabled)155 {156 fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." root handle 1:0 htb default 2\n");157 fputs($FileClassInfo, "1:1 Základní\n");158 fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:0 classid 1:1 htb rate ".$TotalMaxSpeedOut."kbit quantum 1500\n");159 fputs($FileClassInfo, "1:2 Internet zdarma\n");160 fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:1 classid 1:".$FreeInetClass." htb rate ".$FreeInetSpeed."kbit prio 3 quantum 1500\n");161 fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." parent 1:".$FreeInetClass." handle ".$FreeInetClass.": sfq perturb 10\n");162 }163 164 if(!$Enabled) die("Traffic shaping disabled\n");165 166 if($ClassesEnabled)167 {168 $ClassId = 3;169 170 // VoIP171 $VoipClassId = $ClassId;172 $ClassId = $ClassId + 1;173 $Prio = 0; // Highest174 175 // VoIP in going traffic176 fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:1 classid 1:".$VoipClassId." htb rate ".$VoipSpeedIn."kbit ceil ".$VoipMaxSpeedIn."kbit quantum 12000 burst 6k cburst 3k prio ".$Prio."\n");177 fputs($File, "/sbin/tc qdisc add dev ".$InInterface." parent 1:".$VoipClassId." handle ".$VoipClassId.": sfq perturb 10\n");178 fputs($File, "/sbin/tc filter add dev ".$InInterface." parent 1:0 protocol ip handle ".$VoipClassId." fw flowid 1:".$VoipClassId."\n");179 // VoIP out going traffic180 fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:1 classid 1:".$VoipClassId." htb rate ".$VoipSpeedOut."kbit ceil ".$VoipMaxSpeedOut."kbit quantum 12000 burst 6k cburst 3k prio ".$Prio."\n");181 fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." parent 1:".$VoipClassId." handle ".$VoipClassId.": sfq perturb 10\n");182 fputs($File, "/sbin/tc filter add dev ".$OutInterface." parent 1:0 protocol ip handle ".$VoipClassId." fw flowid 1:".$VoipClassId."\n");183 fputs($FileClassInfo, '1:'.$VoipClassId." VoIP\n");184 185 186 // Users hosts187 //DB_Select('users', 'COUNT(*)', 'inet=1');188 //$Row = DB_Row();189 //$InetUserCount = $Row[0];190 //$SpeedIn = round($UsersMaxSpeedIn / $InetUserCount);191 //$SpeedOut = round($UsersMaxSpeedOut / $InetUserCount);192 $Prio = 1;193 194 195 $AllUsersClassId = $ClassId;196 $ClassId = $ClassId + 1;197 fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:1 classid 1:".$AllUsersClassId." htb rate ".$UsersMaxSpeedIn."kbit prio 1 quantum 1500\n");198 fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:1 classid 1:".$AllUsersClassId." htb rate ".$UsersMaxSpeedOut."kbit prio 1 quantum 1500\n");199 fputs($FileClassInfo, '1:'.$AllUsersClassId." Všichni uivatelé\n");200 201 // Torrent sharing202 $TorrentClassId = $ClassId;203 $ClassId = $ClassId + 1;204 $Prio = 2; // Lowest205 $TorrentSpeedOut = 4;206 207 // Torrent out going traffic208 fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:".$AllUsersClassId." classid 1:".$TorrentClassId." htb rate ".$TorrentSpeedOut."kbit ceil ".$UsersMaxSpeedOut."kbit prio ".$Prio." quantum 1500\n");209 fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." parent 1:".$TorrentClassId." handle ".$TorrentClassId.":0 sfq perturb 10\n");210 fputs($File, "/sbin/tc filter add dev ".$OutInterface." parent 1:0 protocol ip handle ".$TorrentClassId." fw flowid 1:".$TorrentClassId."\n");211 fputs($FileClassInfo, '1:'.$TorrentClassId." Torrent\n");212 // Torrent in going traffic213 fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:".$AllUsersClassId." classid 1:".$TorrentClassId." htb rate ".$TorrentSpeedOut."kbit ceil ".$UsersMaxSpeedOut."kbit prio ".$Prio." quantum 1500\n");214 fputs($File, "/sbin/tc qdisc add dev ".$InInterface." parent 1:".$TorrentClassId." handle ".$TorrentClassId.":0 sfq perturb 10\n");215 fputs($File, "/sbin/tc filter add dev ".$InInterface." parent 1:0 protocol ip handle ".$TorrentClassId." fw flowid 1:".$TorrentClassId."\n");216 fputs($FileClassInfo, '1:'.$TorrentClassId." Torrent\n");217 218 $DbResult = $Database->select('users', '*, CONCAT(second_name, " ", first_name) as fullname', '(inet=1)');219 while($User = $DbResult->fetch_array())220 {221 $UserClassId = $ClassId;222 $ClassId = $ClassId + 1;223 $SpeedIn = round($Tarify[$User['inet_tarif_now']]['min_speed'] / $InDivider);224 $SpeedOut = round($Tarify[$User['inet_tarif_now']]['min_speed'] / $OutDivider);225 $UserMaxSpeedIn = round($Tarify[$User['inet_tarif_now']]['max_speed'] / $InDivider);226 $UserMaxSpeedOut = round($Tarify[$User['inet_tarif_now']]['max_speed'] / $OutDivider);227 $Quantum = $Tarify[$User['inet_tarif_now']]['speed_factor'] * 1500;228 229 fputs($File, "# === ".$User['fullname']." ===\n");230 fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:".$AllUsersClassId." classid 1:".$UserClassId." htb rate ".$SpeedIn."bit ceil ".$UserMaxSpeedIn."bit prio 1 quantum ".$Quantum."\n");231 //fputs($File, "/sbin/tc qdisc add dev ".$InInterface." parent 1:".$UserClassId." handle ".$UserClassId.":0 htb r2q 10\n");232 //fputs($File, "/sbin/tc class add dev ".$InInterface." parent ".$UserClassId.":0 classid ".$UserClassId.":".$UserClassId." htb rate ".$UserMaxSpeedIn."bit prio 1\n");233 fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:".$AllUsersClassId." classid 1:".$UserClassId." htb rate ".$SpeedOut."bit ceil ".$UserMaxSpeedOut."bit prio 1 quantum ".$Quantum."\n");234 //fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." parent 1:".$UserClassId." handle ".$UserClassId.":0 htb r2q 10\n");235 //fputs($File, "/sbin/tc class add dev ".$OutInterface." parent ".$UserClassId.":0 classid ".$UserClassId.":".$UserClassId." htb rate ".$UserMaxSpeedOut."bit prio 1\n");236 fputs($FileClassInfo, '1:'.$UserClassId.' '.$User['fullname']."\n");237 238 //echo('User class id: '.$UserClassId."\n");239 240 $DbResult2 = $Database->select('hosts', 'COUNT(*)', "block=0 AND MAC!='' AND user=".$User['id']);241 $Row = $DbResult2->fetch_array();242 $HostCount = $Row[0];243 $HostSpeedIn = round($SpeedIn / $HostCount);244 $HostSpeedOut = round($SpeedOut / $HostCount);245 246 $DbResult2 = $Database->select('hosts','*',"block=0 AND MAC!='' AND user=".$User['id']);247 while($Host = $DbResult2->fetch_array())248 //if($Row['name'] != 'WOW')249 {250 $HostClassId = $ClassId;251 $ClassId = $ClassId + 1;252 fputs($File, "# ".$Host['name']."\n");253 fputs($FileClassInfo, '1:'.$HostClassId.' '.$Host['name']."\n");254 //echo(' Host class id: '.$HostClassId."\n");255 //if($User['inet'] == 1)256 {257 $Prio = 1;258 if($Host['vpn'] == 1)259 {260 if($Host['external_ip'] != '') $Host['IP'] = $Host['external_ip'];261 else $Host['IP'] = ToVpnIp($Host);262 }263 264 //if($Host['name'] == 'TERMINAL') $SpeedDivider = 0.5;265 //else266 $SpeedDivider = 1;267 268 if($Host['name'] == 'centrala')269 {270 $Host['IP'] = $Host['external_ip'];271 $TableOut = 'OUTPUT';272 $TableIn = 'INPUT';273 } else274 {275 $TableOut = 'FORWARD';276 $TableIn = 'FORWARD';277 }278 //if($Row['name'] == 'TERMINAL2') $Prio = 0;279 // if($Row['name'] = 'TERMINAL2') $Prio = 0;280 if($Host['name'] == 'voip-hajda') $Protocol = ' -p tcp';281 else $Protocol = '';282 // if($Host['name'] == 'KARLOS') $UserMaxSpeedIn = 128000;283 284 if($Host['name'] == 'GAME')285 {286 exec('/sbin/iptables -t mangle -F game-server');287 $TableOut = 'game-server';288 $TableIn = 'game-server';289 }290 //if($Host['name'] == 'TBC') continue;291 292 // In going traffic293 //exec('/sbin/iptables -t mangle -A '.$TableIn.' -i eth1 -d '.$Host['IP'].$Protocol." -j MARK --set-mark ".$HostClassId);294 fputs($File, "/sbin/tc class add dev ".$InInterface." parent 1:".$UserClassId." classid 1:".$HostClassId." htb rate ".$HostSpeedIn."bit ceil ".$UserMaxSpeedIn."bit prio ".$Prio." quantum ".$Quantum."\n");295 fputs($File, "/sbin/tc qdisc add dev ".$InInterface." parent 1:".$HostClassId." handle ".$HostClassId.":0 sfq perturb 10\n");296 //fputs($File, "/sbin/tc filter add dev ".$InInterface." parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$UserClassId."\n");297 fputs($File, "/sbin/tc filter add dev ".$InInterface." parent 1:0 protocol ip prio 1 u32 match ip dst ".$Host['external_ip']."/32 flowid 1:".$HostClassId."\n");298 299 // Out going traffic300 //exec('/sbin/iptables -t mangle -A '.$TableOut.' -o eth1 -s '.$Host['IP'].$Protocol." -j MARK --set-mark ".$HostClassId);301 fputs($File, "/sbin/tc class add dev ".$OutInterface." parent 1:".$UserClassId." classid 1:".$HostClassId." htb rate ".$HostSpeedOut."bit ceil ".$UserMaxSpeedOut."bit prio ".$Prio." quantum ".$Quantum."\n");302 fputs($File, "/sbin/tc qdisc add dev ".$OutInterface." parent 1:".$HostClassId." handle ".$HostClassId.":0 sfq perturb 10\n");303 //fputs($File, "/sbin/tc filter add dev ".$OutInterface." parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$UserClassId."\n");304 fputs($File, "/sbin/tc filter add dev ".$OutInterface." parent 1:0 protocol ip prio 1 u32 match ip src ".$Host['external_ip']."/32 flowid 1:".$HostClassId."\n");305 //echo($Row['id'].',');306 }307 // Free inet308 if($Tarify[$User['inet_tarif_now']]['group_id'] == 3)309 {310 //exec('/sbin/iptables -t mangle -A '.$TableIn.' -i eth1 -d '.$Host['IP'].$Protocol." -j MARK --set-mark ".$FreeInetClass);311 //exec('/sbin/iptables -t mangle -A '.$TableOut.' -o eth1 -s '.$Host['IP'].$Protocol." -j MARK --set-mark ".$FreeInetClass);312 }313 // VoIP devices314 if(($Host['name'] == 'HAJDA-VOIP') || ($Host['name'] == 'NAVRATIL-VOIP'))315 {316 exec('/sbin/iptables -t mangle -A '.$TableIn." -i eth1 -d ".$Host['IP']." -p udp -j MARK --set-mark ".$VoipClassId);317 exec('/sbin/iptables -t mangle -A '.$TableOut." -o eth1 -s ".$Host['IP']." -p udp -j MARK --set-mark ".$VoipClassId);318 } else319 if($Host['name'] == 'GAME')320 {321 exec('/sbin/iptables -t mangle -A FORWARD -o eth1 -s '.$Host['IP']." -j game-server");322 exec('/sbin/iptables -t mangle -A FORWARD -i eth1 -d '.$Host['IP']." -j game-server");323 324 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -j MARK --set-mark ".$TorrentClassId);325 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -j MARK --set-mark ".$TorrentClassId);326 //exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 10886 -j MARK --set-mark ".$TorrentClassId);327 // default torrents328 //exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 10886 -j MARK --set-mark ".$TorrentClassId);329 330 // Local services331 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p icmp -j MARK --set-mark ".$HostClassId); // ICMP332 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p icmp -j MARK --set-mark ".$HostClassId);333 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 6969 -j MARK --set-mark ".$HostClassId); // web torrent334 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 6969 -j MARK --set-mark ".$HostClassId);335 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 80 -j MARK --set-mark ".$HostClassId); // web336 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 80 -j MARK --set-mark ".$HostClassId);337 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 21 -j MARK --set-mark ".$HostClassId); // FTP338 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 21 -j MARK --set-mark ".$HostClassId);339 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 8085 -j MARK --set-mark ".$HostClassId); // wow game server340 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 8085 -j MARK --set-mark ".$HostClassId);341 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 3724 -j MARK --set-mark ".$HostClassId); // wow login server342 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 3724 -j MARK --set-mark ".$HostClassId);343 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 22 -j MARK --set-mark ".$HostClassId); // wow game server344 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 22 -j MARK --set-mark ".$HostClassId);345 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 443 -j MARK --set-mark ".$HostClassId); // https346 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 443 -j MARK --set-mark ".$HostClassId);347 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 27015 -j MARK --set-mark ".$HostClassId); // Counter Strike348 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 27015 -j MARK --set-mark ".$HostClassId);349 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 5905 -j MARK --set-mark ".$HostClassId); // VNC350 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 5905 -j MARK --set-mark ".$HostClassId);351 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 5906 -j MARK --set-mark ".$HostClassId); // VNC352 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 5906 -j MARK --set-mark ".$HostClassId);353 354 // Remote services355 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --dport 443 -j MARK --set-mark ".$HostClassId); // https356 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --sport 443 -j MARK --set-mark ".$HostClassId);357 exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --dport 80 -j MARK --set-mark ".$HostClassId); // http358 exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --sport 80 -j MARK --set-mark ".$HostClassId);359 360 }361 362 }363 }364 //echo($Row['id'].',');365 366 }367 368 // In going traffic369 // exec('/sbin/iptables -t mangle -A FORWARD -m mark --mark 1 -j LOG --log-prefix "TRAFFIC " --log-level info');370 //exec('/sbin/iptables -t mangle -A FORWARD -i eth1 -j IMQ --todev 0');371 //exec('/sbin/iptables -t mangle -A INPUT -i eth1 -j IMQ --todev 0');372 // Out going traffic373 //exec('/sbin/iptables -t mangle -A FORWARD -o eth1 -j IMQ --todev 1');374 //exec('/sbin/iptables -t mangle -A OUTPUT -o eth1 -j IMQ --todev 1');375 376 fputs($File, "\n# Interface redirection\n");377 fputs($File, "/sbin/tc qdisc del dev ".$InetInterface." ingress\n");378 fputs($File, "/sbin/tc qdisc add dev ".$InetInterface." ingress\n");379 fputs($File, "/sbin/tc filter add dev ".$InetInterface." parent ffff: protocol ip prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress redirect dev ifb0\n");380 381 //fputs($File, "/sbin/tc qdisc del dev ".$InetInterface." root handle 1: htb default 10\n");382 //fputs($File, "/sbin/tc qdisc add dev ".$InetInterface." root handle 1: htb default 10\n");383 //fputs($File, "/sbin/tc filter add dev ".$InetInterface." parent 1: protocol ip prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress redirect dev ifb1\n");384 385 //exec('/sbin/iptables-save >/etc/sysconfig//sbin/iptables');386 fclose($File);387 fclose($FileClassInfo);388 389 */390 391 122 ?>
Note:
See TracChangeset
for help on using the changeset viewer.