Last active
June 3, 2019 17:18
-
-
Save kepstin/901b5a7e523e4962a195 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Calvin's simple traffic shaper script | |
| # Currently set up to handle traffic shaping on mb gateway | |
| # Note that the ingress and egress rates are hardcoded in the commands below. | |
| set -e | |
| IFACE=$1 | |
| if [ -z "$IFACE" ]; then | |
| echo "Usage: $0 <iface>" | |
| exit 1 | |
| fi | |
| if [ ! -d /sys/class/net/"$IFACE" ]; then | |
| echo "'$IFACE' does not appear to be a network interface." | |
| exit 1 | |
| fi | |
| ############################################################################## | |
| # EGRESS | |
| tc qdisc delete dev "$IFACE" root >/dev/null 2>&1 || true | |
| tc qdisc add dev "$IFACE" root handle 1: hfsc default 20 | |
| # Overall egress limit, all other classes are children of this | |
| tc class add dev "$IFACE" parent 1: classid 1:1 hfsc sc rate 20000kbit ul rate 20000kbit | |
| # The "sc" rate is the min realtime bandwidth, the "ul" is the upper limit | |
| # The "sc" rates for all of the traffic classes should sum to the overall | |
| # limit | |
| # fq_codel is used to manage packet queues, and makes good decisions on which | |
| # packets to drop | |
| # The default traffic class | |
| # When link is at capacity, runs at 19mbit. | |
| # When link not at capacity, allowed to use idle capacity. | |
| tc class add dev "$IFACE" parent 1:1 classid 1:20 hfsc sc rate 19000kbit | |
| tc qdisc add dev "$IFACE" parent 1:20 handle 200: fq_codel | |
| # Traffic rules for rika | |
| # When link is at capacity, runs at 1mbit. | |
| # When link not at capacity, allowed to use idle capacity | |
| tc class add dev "$IFACE" parent 1:1 classid 1:30 hfsc sc rate 1000kbit | |
| tc qdisc add dev "$IFACE" parent 1:30 handle 300: fq_codel | |
| # Match based on src ip of rika | |
| tc filter add dev "$IFACE" parent 1: protocol ip u32 match ip src 72.29.167.158/32 flowid 1:30 | |
| ############################################################################## | |
| # INGRESS | |
| # Set up the "ifb" device used to apply queue disciplines on the device | |
| IFB_IFACE="${IFACE}_ingress" | |
| tc qdisc delete dev "$IFACE" ingress >/dev/null 2>&1 || true | |
| if [ -d "/sys/class/net/$IFB_IFACE" ] | |
| then | |
| ip link delete "$IFB_IFACE" | |
| fi | |
| ip link add "$IFB_IFACE" type ifb | |
| ip link set "$IFB_IFACE" up | |
| # Forward ingress traffic to the ifb device | |
| tc qdisc add dev "$IFACE" handle ffff: ingress | |
| tc filter add dev "$IFACE" parent ffff: protocol all u32 match u32 0 0 action mirred egress redirect dev "$IFB_IFACE" | |
| # Now the ingress ifb device can be set up in the same way as the egress device. | |
| tc qdisc delete dev "$IFB_IFACE" root >/dev/null 2>&1 || true | |
| tc qdisc add dev "$IFB_IFACE" root handle 1: hfsc default 20 | |
| tc class add dev "$IFB_IFACE" parent 1: classid 1:1 hfsc sc rate 5000kbit ul rate 5000kbit | |
| # default traffic class | |
| tc class add dev "$IFB_IFACE" parent 1:1 classid 1:20 hfsc sc rate 5000kbit | |
| tc qdisc add dev "$IFB_IFACE" parent 1:20 handle 200: fq_codel |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment