Ignore:
Timestamp:
Nov 13, 2009, 6:33:13 PM (15 years ago)
Author:
george
Message:
  • Opraveno: Při generování pravidel firewallu tabulky mangle a generování stromu front docházelo k posouvání značky Mark a tím nutnost smazat a vložit mnoho řádků. Nově vytvořena tabulka NetworkMark a jedinečné id značky Mark generovány přes databázi uchovávány dlouhodobě přímo v databázi.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/system/generators/traffic_shaping_routerboard.php

    r248 r260  
    99$PathFirewall = array('ip', 'firewall', 'mangle');
    1010$PathQueue = array('queue', 'tree');
     11
     12function GetMarkByComment($Comment)
     13{
     14  global $Database;
     15 
     16  $DbResult = $Database->query('SELECT `Id` FROM `NetworkMark` WHERE `Comment`="'.$Comment.'"');
     17  if($DbResult->num_rows > 0)
     18  {
     19    $DbRow = $DbResult->fetch_assoc();
     20    return($DbRow['Id']);
     21  } else
     22  {
     23    $DbResult = $Database->query('INSERT INTO `NetworkMark` (`Comment`) VALUES ("'.$Comment.'")');
     24    return($Database->insert_id);
     25  }
     26}
    1127
    1228$Routerboard = new Routerboard();
     
    4460
    4561// Root of tree and main limit
    46 $PacketMark = 1;
    47 $ItemsQueue[] = array('name' => 'main-out', 'limit-at' => $UsersMaxSpeedIn, 'max-limit' => $UsersMaxSpeedIn, 'parent' => 'global-out', 'queue' => 'wireless-default');
    48 $ItemsFirewall[] = array('chain' => 'forward', 'out-interface' => $InetInterface, 'action' => 'jump', 'jump-target' => 'inet-out');
    49 $ItemsQueue[] = array('name' => 'main-in', 'limit-at' => $UsersMaxSpeedOut, 'max-limit' => $UsersMaxSpeedOut, 'parent' => 'global-out', 'queue' => 'wireless-default');
    50 $ItemsFirewall[] = array('chain' => 'forward', 'in-interface' => $InetInterface, 'action' => 'jump', 'jump-target' => 'inet-in');
     62$ItemsQueue[] = array('name' => 'main-out', 'limit-at' => $UsersMaxSpeedIn, 'max-limit' => $UsersMaxSpeedIn, 'parent' => 'global-out');
     63$ItemsFirewall[] = array('chain' => 'forward', 'out-interface' => $InetInterface, 'action' => 'jump', 'jump-target' => 'inet-out', 'comment' => 'main-out');
     64$ItemsQueue[] = array('name' => 'main-in', 'limit-at' => $UsersMaxSpeedOut, 'max-limit' => $UsersMaxSpeedOut, 'parent' => 'global-out');
     65$ItemsFirewall[] = array('chain' => 'forward', 'in-interface' => $InetInterface, 'action' => 'jump', 'jump-target' => 'inet-in', 'comment' => 'main-in');
    5166
    5267// Divide rules by subnet number
    53 $DbResult = $Database->query('SELECT Id, AddressRange, Mask FROM NetworkSubnet');
     68$DbResult = $Database->query('SELECT `Id`, `Name`, `AddressRange`, `Mask` FROM `NetworkSubnet`');
    5469while($Subnet = $DbResult->fetch_assoc())
    5570{
    5671  $SubnetParts = explode('.', $Subnet['AddressRange']);
    5772  $SubnetNumber = $SubnetParts[2];
    58   $ItemsFirewall[] = array('chain' => 'inet-out', 'src-address' => $Subnet['AddressRange'].'/'.$Subnet['Mask'], 'out-interface' => $InetInterface, 'action' => 'jump', 'jump-target' => 'inet-out-'.$SubnetNumber);
    59   $ItemsFirewall[] = array('chain' => 'inet-in', 'dst-address' => $Subnet['AddressRange'].'/'.$Subnet['Mask'], 'in-interface' => $InetInterface, 'action' => 'jump', 'jump-target' => 'inet-in-'.$SubnetNumber);
     73  $ItemsFirewall[] = array('chain' => 'inet-out', 'src-address' => $Subnet['AddressRange'].'/'.$Subnet['Mask'], 'out-interface' => $InetInterface, 'action' => 'jump', 'jump-target' => 'inet-out-'.$SubnetNumber, 'comment' => 'subnet-'.RouterOSIdent($Subnet['Name']).'-out');
     74  $ItemsFirewall[] = array('chain' => 'inet-in', 'dst-address' => $Subnet['AddressRange'].'/'.$Subnet['Mask'], 'in-interface' => $InetInterface, 'action' => 'jump', 'jump-target' => 'inet-in-'.$SubnetNumber, 'comment' => 'subnet-'.RouterOSIdent($Subnet['Name']).'-in');
    6075}
    6176
    6277// Slow free internet
    63 $ItemsFirewall[] = array('chain' => 'inet-out', 'out-interface' => $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'comment' => 'Free_inet', 'passthrough' => 'no');
    64 $ItemsQueue[] = array('name' => 'free-out', 'limit-at' => $FreeInetSpeed, 'max-limit' => $FreeInetSpeed, 'parent' => 'main-out', 'packet-mark' => $PacketMark, 'queue' => 'wireless-default');
    65 $PacketMark++;
    66 $ItemsFirewall[] = array('chain' => 'inet-in', 'in-interface' => $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'comment' => 'Free_inet', 'passthrough' => 'no');
    67 $ItemsQueue[] = array('name' => 'free-in', 'limit-at' => $FreeInetSpeed, 'max-limit' => $FreeInetSpeed, 'parent' => 'main-in', 'packet-mark' =>$PacketMark, 'queue' => 'wireless-default');
     78$PacketMark = GetMarkByComment('free-out');
     79$ItemsFirewall[] = array('chain' => 'inet-out', 'out-interface' => $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'comment' => 'free-out', 'passthrough' => 'no');
     80$ItemsQueue[] = array('name' => 'free-out', 'limit-at' => $FreeInetSpeed, 'max-limit' => $FreeInetSpeed, 'parent' => 'main-out', 'packet-mark' => $PacketMark);
     81$PacketMark = GetMarkByComment('free-in');
     82$ItemsFirewall[] = array('chain' => 'inet-in', 'in-interface' => $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'comment' => 'free-in', 'passthrough' => 'no');
     83$ItemsQueue[] = array('name' => 'free-in', 'limit-at' => $FreeInetSpeed, 'max-limit' => $FreeInetSpeed, 'parent' => 'main-in', 'packet-mark' => $PacketMark);
    6884$PacketMark++;
    6985
    7086// Process users
    71 $DbResult = $Database->query('SELECT Member.*, Subject.Name FROM Member LEFT JOIN Subject ON Subject.Id = Member.Subject');
     87$DbResult = $Database->query('SELECT `Member`.*, `Subject`.`Name` FROM `Member` LEFT JOIN `Subject` ON `Subject`.`Id` = `Member`.`Subject`');
    7288while($Member = $DbResult->fetch_assoc())
    7389{
     
    8096  $UserMaxSpeedIn = round($Tariff['SpeedMax'] / $InDivider);
    8197  $UserMaxSpeedOut = round($Tariff['SpeedMax'] / $OutDivider);
    82   $ItemsQueue[] = array('name' => $Member['Name'].'-out', 'limit-at' => $SpeedIn, 'max-limit' => $UserMaxSpeedIn, 'parent' => 'main-out', 'queue' => 'wireless-default');
    83   $ItemsQueue[] = array('name' => $Member['Name'].'-in', 'limit-at' => $SpeedOut, 'max-limit' => $UserMaxSpeedOut, 'parent' => 'main-in', 'queue' => 'wireless-default');
     98  $ItemsQueue[] = array('name' => $Member['Name'].'-out', 'limit-at' => $SpeedIn, 'max-limit' => $UserMaxSpeedIn, 'parent' => 'main-out');
     99  $ItemsQueue[] = array('name' => $Member['Name'].'-in', 'limit-at' => $SpeedOut, 'max-limit' => $UserMaxSpeedOut, 'parent' => 'main-in');
    84100
    85101  $DbResult2 = $Database->select('NetworkDevice', 'COUNT(*)', 'Used = 1 AND Member='.$Member['Id']);
     
    96112  }
    97113
    98   $DbResult2 = $Database->select('NetworkDevice', '*', 'Used = 1 AND Member = '.$Member['Id']);
     114  $DbResult2 = $Database->select('NetworkDevice', '*', '`Used` = 1 AND `Member` = '.$Member['Id']);
    99115  while($Device = $DbResult2->fetch_assoc())
    100116  {
    101     $DbResult3 = $Database->select('NetworkInterface', '*', 'Device = '.$Device['Id'].' AND LocalIP != ""');
     117    $DbResult3 = $Database->select('NetworkInterface', '*', '`Device` = '.$Device['Id'].' AND `LocalIP` != ""');
    102118    while($Interface = $DbResult3->fetch_assoc())
    103119    {
     
    108124      $IPParts = explode('.', $Interface['LocalIP']);
    109125      $Subnet = $IPParts[2];
    110       $ItemsFirewall[] = array('chain' => 'inet-out-'.$Subnet, 'src-address' => $Interface['LocalIP'], 'out-interface' => $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'passthrough' => 'no', 'comment' => $Name);
    111       $ItemsQueue[] = array('name' => $Name.'-out', 'limit-at' => $HostSpeedIn, 'max-limit' => $UserMaxSpeedIn, 'parent' => $Member['Name'].'-out', 'packet-mark' => $PacketMark, 'queue' => 'wireless-default');
    112       $PacketMark++;
    113       $ItemsFirewall[] = array('chain' => 'inet-in-'.$Subnet, 'dst-address' => $Interface['LocalIP'], 'in-interface' => $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'passthrough' => 'no', 'comment' => $Name);
    114       $ItemsQueue[] = array('name' => $Name.'-in', 'limit-at' => $HostSpeedOut, 'max-limit' => $UserMaxSpeedOut, 'parent' => $Member['Name'].'-in', 'packet-mark' => $PacketMark, 'queue' => 'wireless-default');
     126      $PacketMark = GetMarkByComment($Name.'-out');
     127      $ItemsFirewall[] = array('chain' => 'inet-out-'.$Subnet, 'src-address' => $Interface['LocalIP'], 'out-interface' => $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'passthrough' => 'no', 'comment' => $Name.'-out');
     128      $ItemsQueue[] = array('name' => $Name.'-out', 'limit-at' => $HostSpeedIn, 'max-limit' => $UserMaxSpeedIn, 'parent' => $Member['Name'].'-out', 'packet-mark' => $PacketMark);
     129      $PacketMark = GetMarkByComment($Name.'-in');
     130      $ItemsFirewall[] = array('chain' => 'inet-in-'.$Subnet, 'dst-address' => $Interface['LocalIP'], 'in-interface' => $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'passthrough' => 'no', 'comment' => $Name.'-in');
     131      $ItemsQueue[] = array('name' => $Name.'-in', 'limit-at' => $HostSpeedOut, 'max-limit' => $UserMaxSpeedOut, 'parent' => $Member['Name'].'-in', 'packet-mark' => $PacketMark);
    115132      $PacketMark++;
    116133    }
    117134  }
    118135 
    119   $DbResult2 = $Database->select('NetworkSubnet', '*', 'Member='.$Member['Id']);
     136  $DbResult2 = $Database->select('NetworkSubnet', '*', '`Member`='.$Member['Id']);
    120137  while($Subnet = $DbResult2->fetch_assoc())
    121138  {
     
    124141    $IPParts = explode('.', $Subnet['AddressRange']);
    125142    $SubnetNumber = $IPParts[2];
    126     $ItemsFirewall[] = array('chain' => 'inet-out-'.$SubnetNumber, 'src-address' => $Subnet['AddressRange'].'/'.$Subnet['Mask'], 'out-interface' =>  $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'passthrough' => 'no', 'comment' => $Subnet['Name']);
    127     $ItemsQueue[] = array('name' => $Subnet['Name'].'-out', 'limit-at' => $HostSpeedIn, 'max-limit' => $UserMaxSpeedIn, 'parent' => $Member['Name'].'-out', 'packet-mark' => $PacketMark, 'queue' => 'wireless-default');
    128     $PacketMark++;
    129     $ItemsFirewall[] = array('chain' => 'inet-in-'.$SubnetNumber, 'dst-address' => $Subnet['AddressRange'].'/'.$Subnet['Mask'], 'in-interface' => $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'passthrough' => 'no', 'comment' => $Subnet['Name']);
    130     $ItemsQueue[] = array('name' => $Subnet['Name'].'-in', 'limit-at' => $HostSpeedOut, 'max-limit' => $UserMaxSpeedOut, 'parent' => $Member['Name'].'-in', 'packet-mark' => $PacketMark, 'queue' => 'wireless-default');
    131     $PacketMark++;
     143    $PacketMark = GetMarkByComment($Subnet['Name'].'-out');
     144    $ItemsFirewall[] = array('chain' => 'inet-out-'.$SubnetNumber, 'src-address' => $Subnet['AddressRange'].'/'.$Subnet['Mask'], 'out-interface' =>  $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'passthrough' => 'no', 'comment' => $Subnet['Name'].'-out');
     145    $ItemsQueue[] = array('name' => $Subnet['Name'].'-out', 'limit-at' => $HostSpeedIn, 'max-limit' => $UserMaxSpeedIn, 'parent' => $Member['Name'].'-out', 'packet-mark' => $PacketMark);
     146    $PacketMark = GetMarkByComment($Subnet['Name'].'-in');
     147    $ItemsFirewall[] = array('chain' => 'inet-in-'.$SubnetNumber, 'dst-address' => $Subnet['AddressRange'].'/'.$Subnet['Mask'], 'in-interface' => $InetInterface, 'action' => 'mark-packet', 'new-packet-mark' => $PacketMark, 'passthrough' => 'no', 'comment' => $Subnet['Name'].'-in');
     148    $ItemsQueue[] = array('name' => $Subnet['Name'].'-in', 'limit-at' => $HostSpeedOut, 'max-limit' => $UserMaxSpeedOut, 'parent' => $Member['Name'].'-in', 'packet-mark' => $PacketMark);
    132149  }
    133150  echo("\n");
    134151}
    135152
    136 $Routerboard->ListUpdate($PathQueue, array('name', 'limit-at', 'max-limit', 'parent', 'packet-mark', 'queue'), $ItemsQueue, array(), true);
     153//print_r($ItemsFirewall);
     154$Routerboard->ListUpdate($PathQueue, array('name', 'limit-at', 'max-limit', 'parent', 'packet-mark'), $ItemsQueue, array(), true);
    137155$Routerboard->ListUpdate($PathFirewall, array('chain', 'dst-address', 'in-interface', 'action', 'new-packet-mark', 'passthrough', 'comment', 'out-interface', 'src-address', 'jump-target'), $ItemsFirewall, array(), true);
    138156
Note: See TracChangeset for help on using the changeset viewer.