1 /* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
2 /* Prometheus QoS - you can "steal fire" from your ISP */
3 /* "fair-per-IP" quality of service (QoS) utility */
4 /* requires Linux 2.4.x or 2.6.x with HTB support */
5 /* Copyright(C) 2005-2012 Michael Polak, Arachne Labs */
6 /* iptables-restore support Copyright(C) 2007-2008 ludva */
7 /* Credit: CZFree.Net,Martin Devera,Netdave,Aquarius,Gandalf */
8 /* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
10 /* Modified by: xChaos, 20121011
13 Prometheus QoS is free software; you can redistribute it and/or
14 modify it under the terms of the GNU General Public License as
15 published by the Free Software Foundation; either version 2.1 of
16 the License, or (at your option) any later version.
18 Prometheus QoS is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 General Public License for more details.
23 You should have received a copy of the GNU General Public License
24 along with Prometheus Qos; if not, write to the Free Software
25 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
27 GNU General Public License is located in file COPYING */
32 #include "cll1-0.6.2.h"
35 const char *version
= "0.8.3-g";
37 /* Version numbers: 0.8.3 is development releases ("beta"), 0.8.4 will be "stable" */
38 /* Debian(RPM) package versions/patchlevels: 0.7.9-2, 0.8.0-1, 0.8.0-2, etc. */
39 /* C source code development versions ("beta"): 0.7.9-a, 0.8.1-b, etc. */
40 /* C source code release versions: 0.8.0, 0.8.2, 0.8.4, etc. */
42 const char *stats_html_signature
= "<span class=\"small\">Statistics generated by Prometheus QoS version %s<br />GPL+Copyright(C)2005-2012 Michael Polak, <a target=\"_blank\" href=\"http://www.arachne.cz/\">Arachne Labs</a></span>\n";
44 /* ======= Help screen is hopefully self-documenting part of code :-) ======= */
48 puts("Command line switches:\n\
50 -d Dry run (preview tc and iptables commands on stdout)\n\
51 -r Run (reset all statistics and start shaping - daily usage)\n\
52 -p just generate Preview of data transfer statistics and exit (after -r)\n\
53 -s start Shaping FUP limits (keeps data transfer stat like -p) (after -r)\n\
54 -n run Now (like -r delay - overrides qos-free-delay keyword, after boot)\n\
55 -f just Flush iptables and tc classes and exit (stop shaping, no QiS)\n\
56 -9 emergency iptables flush (like -f, but dumps data transfer statistics)\n\
58 -c filename force alternative /etc/prometheus/prometheus.conf filename\n\
59 -h filename force alternative /etc/hosts filename (overrides hosts keyword)\n\
60 -l Mmm YYYY generate HTML summary of Logged traffic (Mmm=Jan-Dec) (and exit)\n\
61 -m generate HTML summary of traffic for yesterday's Month (and exit)\n\
62 -y generate HTML summary of traffic for yesterday's Year (and exit)\n\
63 -? --help show this help scree (and exit)\n\
64 -v --version show Version number of this utility (and exit)\n");
67 /* ======= All path names are defined here (for RPM patch) ======= */
/* Absolute paths of the external tools. They are formatted with sprintf() into
   command strings elsewhere in this file, and get_config() lets the
   configuration file replace the iptables, iptables-save and iptables-restore
   paths through its option() calls, so whoever can write that file chooses
   which binaries those command strings name.
   NOTE(review): presumably this utility runs as root - confirm that the
   configuration file and its directory are writable by root only. */
69 const char *tc
= "/sbin/tc"; /* requires tc with HTB support */
70 const char *iptables
= "/sbin/iptables"; /* requires iptables utility */
71 const char *iptablessave
= "/sbin/iptables-save"; /* not yet required */
72 const char *iptablesrestore
= "/sbin/iptables-restore"; /* requires iptables-restore */
73 const char *ls
= "/bin/ls"; /* this is not user configurable :-) */
/* Default file locations and URLs. get_config() replaces most of them with
   values from the configuration file (see its option() calls) and the -c
   switch replaces config itself, so every path below is only as trustworthy
   as that file and the command line. */
75 char *config
= "/etc/prometheus/prometheus.conf"; /* main configuration file */
76 char *hosts
= "/etc/prometheus/hosts"; /* per-IP bandwidth definition file */
78 char *iptablesfile
= "/var/spool/prometheus.iptables"; /* temporary file for iptables-restore; fixed name, opened with fopen(...,"w") - NOTE(review): keep its directory writable by root only */
79 char *credit
= "/var/lib/misc/prometheus.credit"; /* credit log file */
80 char *classmap
= "/var/lib/misc/prometheus.classes"; /* class map file: one "address mark" line per IP */
81 char *html
= "/var/www/traffic.html"; /* hall of fame - html version */
82 char *preview
= "/var/www/preview.html"; /* hall of fame preview - html version */
83 char *json_traffic
= "/var/www/logs/traffic.json"; /* hall of fame - json version */
84 char *json_preview
= "/var/www/logs/preview.json"; /* hall of fame preview - json version */
85 char *cmdlog
= "/var/log/prometheuslog"; /* command log filename */
86 char *log_dir
= "/var/www/logs/"; /* log directory pathname, ended with slash */
87 char *log_url
= "/logs/"; /* log directory relative URI prefix (partial URL) */
88 char *html_log_dir
= "/var/www/logs/html/";
/* NOTE(review): plain http and an unpinned "latest" script; presumably this URL
   is written into the generated HTML pages (the writer is in htmlandlogs.c,
   not shown here) - an https URL of a fixed version, or a local copy, keeps
   the page from loading whatever that address serves at view time. */
90 char *jquery_url
= "http://code.jquery.com/jquery-latest.js";
/* URL prefix for links into the LMS information system; presumably a customer
   id is appended by the HTML writer - confirm there. */
91 char *lms_url
= "/lms/?m=customerinfo&id=";
92 int use_jquery_popups
= TRUE
;
93 int row_odd_even
= 0; /*<tr class="odd/even"> */
95 /* === Configuration file values defaults - stored in global variables ==== */
97 int filter_type
= 1; /*1 mark, 2 classify*/
99 char *mark_iptables
= "MARK --set-mark ";
100 int dry_run
= FALSE
; /* preview - use puts() instead of system() */
101 char *iptablespreamble
= "*mangle\n:PREROUTING ACCEPT [0:0]\n:POSTROUTING ACCEPT [0:0]\n:INPUT ACCEPT [0:0]\n:OUTPUT ACCEPT [0:0]\n:FORWARD ACCEPT [0:0]";
102 FILE *iptables_file
= NULL
;
103 int enable_credit
= TRUE
; /* enable credit file */
104 int use_credit
= FALSE
; /* use credit file (if enabled)*/
105 char *title
= "Hall of Fame - Greatest Suckers"; /* hall of fame title */
106 int hall_of_fame
= TRUE
; /* enable hall of fame */
107 char *lan
= "eth0"; /* LAN interface */
108 char *lan_medium
= "100Mbit"; /* 10Mbit/100Mbit ethernet */
109 char *wan
= "eth1"; /* WAN/ISP interface */
110 char *wan_medium
= "100Mbit"; /* 10Mbit/100Mbit ethernet */
111 char *qos_leaf
= "sfq perturb 5"; /* leaf discipline */
112 char *qos_free_zone
= NULL
; /* QoS free zone */
113 int qos_proxy
= TRUE
; /* include proxy port to QoS */
114 int found_lmsid
= FALSE
; /* show links to users in LMS information system */
115 int include_upload
= TRUE
; /* upload+download=total traffic */
116 char *proxy_ip
= "192.168.1.1/32"; /* our IP with proxy port */
117 int proxy_port
= 3128; /* proxy port number */
118 long long int line
= 1024; /* WAN/ISP download in kbps */
119 long long int up
= 1024; /* WAN/ISP upload in kbps */
120 int free_min
= 32; /* minimum guaranted bandwidth for all undefined hosts */
121 int free_max
= 64; /* maximum allowed bandwidth for all undefined hosts */
122 int qos_free_delay
= 0; /* seconds to sleep before applying new QoS rules */
123 int digital_divide
= 2; /* controls digital divide weirdness ratio, 1...3 */
124 int max_nesting
= 3; /* maximum nesting of HTB clases, built-in maximum seems to be 4 */
125 int htb_r2q
= 256; /* should work for leaf values 512 kbps to 8 Mbps */
126 int burst
= 8; /* HTB burst (in kbits) */
128 int burst_group
= 32;
129 int magic_treshold
= 8; /* reduce ceil by X*magic_treshhold kbps (hard shaping) */
130 int keywordcount
= 0;
133 /* not yet implemented:
134 int fixed_packets = 0; maximum number of pps per IP address (not class!)
135 int packet_limit = 5; maximum number of pps to htn CEIL, not rate !!!
137 FILE *log_file
= NULL
;
138 char *kwd
= "via-prometheus"; /* /etc/hosts comment, eg. #qos-64-128 */
140 const int highest_priority
= 0; /* highest HTB priority (HTB built-in value is 0) */
141 const int lowest_priority
= 7; /* lowest HTB priority (HTB built-in value is 7) */
142 const int idxtable_treshold1
= 24; /* this is no longer configurable */
143 const int idxtable_treshold2
= 12; /* this is no longer configurable */
144 const int idxtable_bitmask1
= 3; /* this is no longer configurable */
145 const int idxtable_bitmask2
= 3; /* this is no longer configurable */
147 struct IP
*ips
= NULL
, *ip
, *sharedip
;
148 struct Group
*groups
= NULL
, *group
;
149 struct Keyword
*keyword
, *defaultkeyword
=NULL
, *keywords
=NULL
;
151 void parse_ip_log(int argc
, char **argv
);
152 /* implemented in parselog.c */
154 void parse_hosts(char *hosts
);
155 /* implemented in parsehosts.c */
157 void write_json_traffic(char *json
);
158 /* implemented in json.c */
160 void write_htmlandlogs(char *html
, char *d
, int total
, int just_preview
);
161 /* implemented in htmlandlogs.c */
/* Flips row_odd_even between 0 and 1 and returns the opening <tr> tag for the
   next table row, either class "even" or class "odd". The condition that
   picks between the two returns is on a line this listing does not show. */
163 const char *tr_odd_even(void)
165 row_odd_even
= 1 - row_odd_even
;
168 return "<tr class=\"even\">\n";
172 return "<tr class=\"odd\">\n";
176 /* ==== This is C<<1 stuff - learn C<<1 first! https://dev.arachne.cz/svn/cll1h ==== */
182 struct Index
*parent
;
186 } *idxs
=NULL
, *idx
, *metaindex
;
189 /* function implemented in parsehosts.c */
191 /* ====== iptables indexes are used to reduce complexity to log8(N) ===== */
193 char *index_id(char *ip
, int bitmask
);
194 /* function implemented in ipv4subnets.c */
196 char *subnet_id(char *ip
, int bitmask
);
197 /* function implemented in ipv4subnets.c */
199 /* ================= Let's parse configuration file here ================ */
/* Prints that the configuration file `filename` was rejected. Only the message
   is visible in this listing; the name says the process then exits, which
   happens (if it does) on a line not shown - confirm. */
201 void reject_config_and_exit(char *filename
)
203 printf("Configuration file %s rejected - abnormal exit.",filename
);
/* Reads the configuration file `config_filename` with the cll1 parse()/option()
   macros and stores the values in the global variables and in one Keyword
   record per "keyword" line. When the file cannot be read it reports the error
   with perror() and continues with the built-in defaults. This is the point
   where file content becomes command-line text: most string options below are
   later formatted with sprintf() into tc command lines and iptables rule
   lines. Several lines of the function are missing from this listing. */
207 void get_config(char *config_filename
)
211 printf("Configured keywords: ");
212 parse(config_filename
)
214 option("keyword",kwd
);
219 create(keyword
,Keyword
);
221 keyword
->asymetry_ratio
=1; /* ratio for ADSL-like upload */
222 keyword
->asymetry_fixed
=0; /* fixed treshold for ADSL-like upload */
223 keyword
->data_limit
=8; /* hard shaping: apply magic_treshold if max*data_limit MB exceeded */
224 keyword
->data_prio
=4; /* soft shaping (qos): reduce HTB prio if max*data_prio MB exceeded */
225 keyword
->fixed_limit
=0; /* fixed data limit for setting lower HTB ceil */
226 keyword
->fixed_prio
=0; /* fixed data limit for setting lower HTB prio */
227 keyword
->reserve_min
=8; /* bonus for nominal HTB rate bandwidth (in kbps) */
228 keyword
->reserve_max
=0; /* malus for nominal HTB ceil (in kbps) */
229 keyword
->default_prio
=highest_priority
+1;
230 keyword
->html_color
="000000";
232 keyword
->leaf_discipline
="";
234 push(keyword
,keywords
);
235 if(!defaultkeyword
) defaultkeyword
=keyword
;
242 for_each(keyword
,keywords
)
244 int l
=strlen(keyword
->key
);
246 if(!strncmp(keyword
->key
,_
,l
) && strlen(_
)>l
+2)
248 char *tmptr
=_
; /* <---- l+1 ----> */
249 _
+=l
+1; /* via-prometheus-asymetry-ratio, etc. */
/* NOTE(review): asymetry_ratio is used as a divisor when the upload classes
   are built (ip->min/ip->keyword->asymetry_ratio); no check for 0 is visible
   in this listing, so a zero in the configuration file would divide by zero. */
250 ioption("asymetry-ratio",keyword
->asymetry_ratio
);
251 ioption("asymetry-treshold",keyword
->asymetry_fixed
);
252 ioption("magic-relative-limit",keyword
->data_limit
);
253 ioption("magic-relative-prio",keyword
->data_prio
);
254 loption("magic-fixed-limit",keyword
->fixed_limit
);
255 loption("magic-fixed-prio",keyword
->fixed_prio
);
256 ioption("htb-default-prio",keyword
->default_prio
);
257 ioption("htb-rate-bonus",keyword
->reserve_min
);
258 ioption("htb-ceil-malus",keyword
->reserve_max
);
/* leaf_discipline is free-form text that is later appended verbatim to
   "%s qdisc add dev %s parent 1:%d handle %d %s" command lines. */
259 option("leaf-discipline",keyword
->leaf_discipline
);
260 option("html-color",keyword
->html_color
);
263 if(keyword
->data_limit
|| keyword
->fixed_limit
||
264 keyword
->data_prio
|| keyword
->fixed_prio
)
/* Tool paths and the rule-file name: these strings are later formatted into
   command lines with sprintf() ("%s -L -v -x -n -t mangle", "%s <%s").
   NOTE(review): nothing in the visible lines validates them. */
273 option("iptables",iptables
);
274 option("iptables-save",iptablessave
); /* new */
275 option("iptables-restore",iptablesrestore
); /* new */
276 option("iptables-in-filename",iptablesfile
); /* new */
277 option("hosts",hosts
);
/* Interface names and media strings are formatted into tc command lines and
   iptables rule lines ("dev %s", "-o %s", "rate %s ceil %s"). */
278 option("lan-interface",lan
);
279 option("wan-interface",wan
);
280 option("lan-medium",lan_medium
);
281 option("wan-medium",wan_medium
);
282 lloption("wan-download",line
);
283 lloption("wan-upload",up
);
284 ioption("hall-of-fame-enable",hall_of_fame
);
285 option("hall-of-fame-title",title
);
/* Output file names: the program opens several of these with fopen(...,"w"). */
286 option("hall-of-fame-filename",html
);
287 option("json-filename",json_traffic
);
288 option("hall-of-fame-preview",preview
);
289 option("json-preview",json_preview
);
290 option("log-filename",cmdlog
);
291 option("credit-filename",credit
);
292 option("classmap-filename",classmap
);
293 ioption("credit-enable",enable_credit
);
294 option("log-traffic-directory",log_dir
);
295 option("log-traffic-html-directory",html_log_dir
);
296 option("log-traffic-url-path",log_url
);
/* NOTE(review): presumably both URLs are written into the generated HTML by
   htmlandlogs.c (not shown); confirm they are escaped there. */
297 option("jquery-url",jquery_url
);
298 option("lms-url",lms_url
);
299 ioption("use-jquery-popups",use_jquery_popups
);
300 option("qos-free-zone",qos_free_zone
);
301 ioption("qos-free-delay",qos_free_delay
);
302 ioption("qos-proxy-enable",qos_proxy
);
303 option("qos-proxy-ip",proxy_ip
);
304 option("htb-leaf-discipline",qos_leaf
);
305 ioption("qos-proxy-port",proxy_port
);
306 ioption("free-rate",free_min
);
307 ioption("free-ceil",free_max
);
308 ioption("htb-burst",burst
);
309 ioption("htb-burst-main",burst_main
);
310 ioption("htb-burst-group",burst_group
);
311 ioption("htb-nesting-limit",max_nesting
);
312 ioption("htb-r2q",htb_r2q
);
313 ioption("magic-include-upload",include_upload
);
314 ioption("magic-treshold",magic_treshold
);
315 option("filter-type", cnf
);
316 /* not yet implemented:
317 ioption("magic-fixed-packets",fixed_packets);
318 ioption("magic-relative-packets",packet_limit);
323 perror(config_filename
);
324 puts("Warning - using built-in defaults instead ...");
326 done
; /* ugly macro end */
329 /* leaf discipline for keywords */
330 for_each(keyword
,keywords
)
332 if(!strcmpi(keyword
->leaf_discipline
, ""))
334 keyword
->leaf_discipline
= qos_leaf
;
338 if(strcmpi(cnf
, "mark"))
342 mark_iptables
= "CLASSIFY --set-class 1:";
348 mark_iptables
= "MARK --set-mark ";
/* NOTE(review): the zero-bandwidth test below is the only value check visible
   in this listing; the other numeric options (asymetry-ratio, qos-proxy-port,
   htb-burst, ...) are not range-checked in the lines shown. */
351 /* are supplied values meaningful ?*/
354 puts("Illegal value of LAN or WAN bandwidth: 0 kbps.");
355 reject_config_and_exit(config_filename
);
359 /* ===================== traffic analyser - uses iptables ================ */
/* Builds an "iptables -L -v -x -n -t mangle" command line, walks its output
   column by column (valid_columns splits on ' ') and adds the byte counters
   to the matching entries of the ips list. Many lines of the function,
   including the declaration of cmd and the code that runs the command, are
   missing from this listing. */
361 void get_traffic_statistics(void)
366 textfile(Pipe
,str
) *line
,*lines
=NULL
;
/* NOTE(review): unbounded sprintf() of the configurable iptables path; the
   size of cmd is declared on a line not shown, and no length check is visible. */
370 sprintf(cmd
,"%s -L -v -x -n -t mangle",iptables
);
382 int col
, accept
=0,proxyflag
=0,valid
=1,setchainname
=0,commonflag
=0;
383 unsigned long long traffic
=0;
384 unsigned long pkts
=0;
385 char *ipaddr
=NULL
,*ptr
;
387 /* debug puts(line->str); */
388 valid_columns(ptr
,line
->str
,' ',col
)
389 if(valid
) switch(col
)
391 case 1: if(eq(ptr
,"Chain"))
395 else if(eq(ptr
,"pkts"))
/* The sscanf() result is not checked in the visible lines; on a non-numeric
   column pkts keeps its previous value. */
401 sscanf(ptr
,"%lu",&pkts
);
404 case 2: if(setchainname
)
406 if(!strncmp(ptr
,"post_",5) || eq(ptr
,"POSTROUTING"))
412 if(!strncmp(ptr
,"forw_",5) || eq(ptr
,"FORWARD"))
417 if(eq(ptr
,"post_common") || eq(ptr
,"forw_common"))
/* NOTE(review): ISO C defines the L length modifier for long double
   conversions only; "%Lu" for unsigned long long relies on a library
   extension, "%llu" is the portable spelling. */
424 sscanf(ptr
,"%Lu",&traffic
);
429 case 3: if((strncmp(ptr
,"post_",5) && strncmp(ptr
,"forw_",5)) || commonflag
)
433 /*if(filter_type==1) accept=eq(ptr,"MARK"); else accept=eq(ptr,"CLASSIFY");*/
435 case 8: if(downloadflag
)
/* Substring test: any column text that occurs anywhere inside proxy_ip
   matches, not only the full proxy address. */
437 if(strstr(proxy_ip
,ptr
))
447 case 9: if(downloadflag
)ipaddr
=ptr
;break;
450 if(accept
&& traffic
>0 && ipaddr
)
456 else if(!downloadflag
)
/* NOTE(review): pkts is unsigned long but is printed with %ld; %lu matches
   the type. */
460 printf("IP %s: %Lu MB (%ld pkts)\n", ipaddr
, traffic
, pkts
);
462 if_exists(ip
,ips
,eq(ip
->addr
,ipaddr
));
467 if(eq(ip
->addr
,"0.0.0.0/0"))
469 ip
->name
="(unregistered)";
471 ip
->max
=ip
->desired
=free_max
;
483 ip
->traffic
+=traffic
;
485 ip
->direct
=ip
->traffic
-ip
->upload
-ip
->proxy
;
494 ip
->traffic
+=traffic
;
498 if(traffic
>ip
->traffic
)
509 /* ========== This function executes, logs OR ALSO prints command ========== */
/* Prints the command line `cmd` and writes it to log_file; the lines that
   execute it are missing from this listing (the dry_run comment elsewhere in
   the file says puts() is used instead of system() for a dry run).
   cmd is assembled by the callers with sprintf() from configuration values
   (tool paths, interface names, leaf discipline text).
   NOTE(review): if cmd reaches system(), a shell parses it, so shell
   metacharacters in any of those values become part of the command; treat the
   configuration and hosts files as root-only input or validate the values
   before they are formatted. Whether log_file is checked for NULL before the
   fprintf() cannot be seen in the lines shown. */
511 void safe_run(char *cmd
)
515 printf("\n=>%s\n",cmd
);
523 fprintf(log_file
,"%s\n",cmd
);
/* Appends `line` plus a newline to iptables_file, the input file later given
   to iptables-restore. The text is written verbatim; nothing here validates
   it, and no NULL check of iptables_file is visible in this listing. */
527 void save_line(char *line
)
529 fprintf(iptables_file
,"%s\n",line
);
/* Closes the generated rule file and builds the "iptables-restore <file"
   command line for it. The lines that run the command, and the block that
   ends at the "done" macro, are missing from this listing.
   NOTE(review): the "<" redirection only has an effect when the string is
   handed to a shell, so both iptablesrestore and iptablesfile (each settable
   from the configuration file) would be parsed by that shell; quote or
   validate them. */
532 void run_restore(void)
535 string(restor
,STRLEN
);
537 /*-----------------------------------------------------------------*/
538 printf("Running %s <%s ...\n", iptablesrestore
, iptablesfile
);
539 /*-----------------------------------------------------------------*/
542 fclose(iptables_file
);
549 done
; /* ugly macro end */
/* NOTE(review): unbounded sprintf() of two configurable paths into a buffer
   created with STRLEN as its size argument; no length check is visible here -
   snprintf() with the buffer size would bound the write. */
552 sprintf(restor
,"%s <%s",iptablesrestore
, iptablesfile
);
/* Locates the first space in `str` with strchr(); the lines that use ptr and
   produce the return value are missing from this listing.
   NOTE(review): the credit-file reader passes the result straight to sscanf(),
   so confirm that a line without a space cannot make this return NULL. */
558 char *parse_datafile_line(char *str
)
560 char *ptr
=strchr(str
,' ');
575 /*-----------------------------------------------------------------*/
576 /* Are you looking for int main(int argc, char **argv) ? :-)) */
577 /*-----------------------------------------------------------------*/
581 int i
=0; /* just plain old Fortran style integer :-) */
582 FILE *f
=NULL
; /* everything is just stream of bytes... */
583 char *str
, *ptr
, *d
; /* LET A$=B$ :-) */
587 int just_flush
= FALSE
; /* deactivates all previous actions */
589 int just_preview
= FALSE
; /* preview - generate just stats */
590 int start_shaping
= FALSE
; /* apply FUP - requires classmap file */
591 int just_logs
= FALSE
; /* just parse logs */
595 char *chain_forward
, *chain_postrouting
;
599 Prometheus QoS - \"fair-per-IP\" Quality of Service setup utility.\n\
600 Version %s - Copyright (C)2005-2012 Michael Polak, Arachne Labs\n\
601 iptables-restore & burst tunning & classify modification by Ludva\n\
602 Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version
);
604 /*----- Boring... we have to check command line options first: ----*/
607 argument("-c") { nextargument(config
); }
608 argument("-h") { nextargument(althosts
);}
609 argument("-d") { run
=TRUE
; dry_run
=TRUE
; }
610 argument("-f") { run
=TRUE
; just_flush
=TRUE
; }
611 argument("-9") { run
=TRUE
; just_flush
=9; }
612 argument("-p") { run
=TRUE
; just_preview
=TRUE
; }
613 argument("-s") { run
=TRUE
; just_preview
=TRUE
; start_shaping
=TRUE
; }
614 argument("-r") { run
=TRUE
; }
615 argument("-n") { run
=TRUE
; nodelay
=TRUE
; }
616 argument("-l") { just_logs
=TRUE
; }
617 argument("-m") { just_logs
=TRUE
; }
618 argument("-y") { just_logs
=TRUE
; }
619 argument("-?") { help(); exit(0); }
620 argument("--help") { help(); exit(0); }
621 argument("-v") { exit(0); }
622 argument("--version") { exit(0); }
627 puts("*** THIS IS JUST DRY RUN ! ***\n");
630 date(d
); /* this is typical cll1.h macro - prints current date */
632 /*-----------------------------------------------------------------*/
633 printf("Parsing configuration file %s ...\n", config
);
634 /*-----------------------------------------------------------------*/
639 parse_ip_log(argc
,argv
);
655 /*-----------------------------------------------------------------*/
656 puts("Parsing iptables verbose output ...");
657 /*-----------------------------------------------------------------*/
658 get_traffic_statistics();
661 /*-----------------------------------------------------------------*/
662 printf("Parsing class defintion file %s ...\n", hosts
);
663 /*-----------------------------------------------------------------*/
666 /*-----------------------------------------------------------------*/
667 /* cll1.h - let's allocate brand new character buffer... */
668 /*-----------------------------------------------------------------*/
671 /*-----------------------------------------------------------------*/
672 puts("Resolving shared connections ...");
673 /*-----------------------------------------------------------------*/
674 for_each(ip
,ips
) if(ip
->sharing
)
676 for_each(sharedip
,ips
) if(eq(sharedip
->name
,ip
->sharing
))
678 sharedip
->traffic
+=ip
->traffic
;
680 ip
->mark
=sharedip
->mark
;
681 ip
->lmsid
=sharedip
->lmsid
;
686 printf("Unresolved shared connection: %s %s sharing-%s\n",
687 ip
->addr
, ip
->name
, ip
->sharing
);
691 if(enable_credit
&& just_flush
<9)
693 /*-----------------------------------------------------------------*/
694 printf("Parsing credit file %s ...\n", credit
);
695 /*-----------------------------------------------------------------*/
698 ptr
=parse_datafile_line(_
);
701 if_exists(ip
,ips
,eq(ip
->addr
,_
))
703 sscanf(ptr
,"%Lu",&(ip
->credit
));
707 done
; /* ugly macro end */
712 /*-----------------------------------------------------------------*/
713 puts("Initializing iptables and tc classes ...");
714 /*-----------------------------------------------------------------*/
716 iptables_file
=fopen(iptablesfile
,"w");
717 if(iptables_file
== NULL
)
719 puts("Cannot open iptablesfile!");
723 log_file
=fopen(cmdlog
,"w");
726 puts("Cannot open logfile!");
730 save_line(iptablespreamble
);
733 sprintf(str
,"%s qdisc del dev %s root 2>/dev/null",tc
,lan
);
736 sprintf(str
,"%s qdisc del dev %s root 2>/dev/null",tc
,wan
);
739 iptables_file
=fopen(iptablesfile
,"w");
740 save_line(iptablespreamble
);
742 if(qos_free_zone
&& *qos_free_zone
!='0')
746 sprintf(str
,"-A FORWARD -d %s -o %s -j ACCEPT", qos_free_zone
, wan
);
751 save_line(":post_noproxy - [0:0]");
752 sprintf(str
,"-A POSTROUTING ! -p tcp -o %s -j post_noproxy", lan
);
754 sprintf(str
,"-A POSTROUTING ! -s %s -o %s -j post_noproxy", proxy_ip
, lan
);
756 sprintf(str
,"-A POSTROUTING -s %s -p tcp ! --sport %d -o %s -j post_noproxy", proxy_ip
, proxy_port
, lan
);
759 chain
="post_noproxy";
766 sprintf(str
,"-A %s -s %s -o %s -j ACCEPT", chain
, qos_free_zone
, lan
);
770 if(ip_count
>idxtable_treshold1
&& !just_flush
)
772 int idxcount
=0, bitmask
=32-idxtable_bitmask1
; /* default net mask: 255.255.255.240 */
774 /*-----------------------------------------------------------------*/
775 printf("Detected %d addresses - indexing iptables rules to improve performance...\n",ip_count
);
776 /*-----------------------------------------------------------------*/
778 save_line(":post_common - [0:0]");
779 save_line(":forw_common - [0:0]");
781 for_each(ip
,ips
) if(ip
->addr
&& *(ip
->addr
) && !eq(ip
->addr
,"0.0.0.0/0"))
783 buf
=index_id(ip
->addr
,bitmask
);
784 if_exists(idx
,idxs
,eq(idx
->id
,buf
))
793 idx
->bitmask
=bitmask
;
801 /* brutal perfomance optimalization */
802 while(idxcount
>idxtable_treshold2
&& bitmask
>2*idxtable_bitmask2
)
804 bitmask
-=idxtable_bitmask2
;
807 for_each(idx
,idxs
) if(idx
->parent
== NULL
)
809 buf
=index_id(idx
->addr
,bitmask
);
810 if_exists(metaindex
,idxs
,eq(metaindex
->id
,buf
))
812 metaindex
->children
++;
816 create(metaindex
,Index
);
817 metaindex
->addr
=idx
->addr
;
819 metaindex
->bitmask
=bitmask
;
820 metaindex
->parent
=NULL
;
821 metaindex
->children
=0;
823 push(metaindex
,idxs
);
825 idx
->parent
=metaindex
;
829 /* this should slightly optimize throughout ... */
830 sort(idx
,idxs
,desc_order_by
,children
);
831 sort(idx
,idxs
,order_by
,bitmask
);
836 subnet
=subnet_id(idx
->addr
,idx
->bitmask
);
837 printf("%d: %s/%d\n",
838 ++i
, subnet
, idx
->bitmask
);
840 sprintf(str
,":post_%s - [0:0]", idx
->id
);
843 sprintf(str
,":forw_%s - [0:0]", idx
->id
);
848 string(buf
,strlen(idx
->parent
->id
)+6);
849 sprintf(buf
,"post_%s",idx
->parent
->id
);
856 sprintf(str
,"-A %s -d %s/%d -o %s -j post_%s", buf
, subnet
, idx
->bitmask
, lan
, idx
->id
);
859 sprintf(str
,"-A %s -d %s/%d -o %s -j post_common", buf
, subnet
, idx
->bitmask
, lan
);
864 string(buf
,strlen(idx
->parent
->id
)+6);
865 sprintf(buf
,"forw_%s",idx
->parent
->id
);
872 sprintf(str
,"-A %s -s %s/%d -o %s -j forw_%s", buf
, subnet
, idx
->bitmask
, wan
, idx
->id
);
875 sprintf(str
,"-A %s -s %s/%d -o %s -j forw_common", buf
, subnet
, idx
->bitmask
, wan
);
878 printf("Total indexed iptables chains created: %d\n", i
);
880 sprintf(str
,"-A FORWARD -o %s -j forw_common", wan
);
883 sprintf(str
,"-A POSTROUTING -o %s -j post_common", lan
);
891 fclose(iptables_file
);
896 puts("Just flushed iptables and tc classes - now exiting ...");
902 if(!dry_run
&& !nodelay
&& qos_free_delay
)
904 printf("Flushed iptables and tc classes - now sleeping for %d seconds...\n",qos_free_delay
);
905 sleep(qos_free_delay
);
908 sprintf(str
,"%s qdisc add dev %s root handle 1: htb r2q %d default 1",
912 sprintf(str
, "%s class add dev %s parent 1: classid 1:2 htb rate %s ceil %s burst %dk prio %d",
913 tc
,lan
,lan_medium
,lan_medium
,burst_main
,highest_priority
);
916 sprintf(str
, "%s class add dev %s parent 1:2 classid 1:1 htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d",
917 tc
,lan
,line
,line
,burst_main
,highest_priority
);
920 sprintf(str
,"%s qdisc add dev %s root handle 1: htb r2q %d default 1",tc
,wan
,htb_r2q
);
923 sprintf(str
, "%s class add dev %s parent 1: classid 1:2 htb rate %s ceil %s burst %dk prio %d",
924 tc
,wan
,wan_medium
,wan_medium
,burst_main
,highest_priority
);
927 sprintf(str
, "%s class add dev %s parent 1:2 classid 1:1 htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d",
928 tc
,wan
,up
,up
,burst_main
,highest_priority
);
932 /*-----------------------------------------------------------------*/
933 puts("Locating heavy downloaders and generating root classes ...");
934 /*-----------------------------------------------------------------*/
935 sort(ip
,ips
,desc_order_by
,traffic
);
937 /*-----------------------------------------------------------------*/
938 /* sub-scope - local variables */
940 long long int rate
= line
;
941 long long int max
= line
;
943 FILE *credit_file
= NULL
;
945 if(!just_preview
&& !dry_run
&& enable_credit
)
947 credit_file
= fopen(credit
,"w");
950 for_each(group
,groups
)
955 sprintf(str
,"%s class add dev %s parent 1:%d classid 1:%d htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d #down desired %d",
956 tc
, lan
, parent
, group
->id
, rate
, max
, burst_group
, highest_priority
+1, group
->desired
);
960 sprintf(str
,"%s class add dev %s parent 1:%d classid 1:%d htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d #up desired %d",
961 tc
, wan
, parent
, group
->id
, rate
*up
/line
, max
*up
/line
, burst_group
, highest_priority
+1, group
->desired
);
965 if(group_count
++ < max_nesting
)
970 rate
-= digital_divide
*group
->min
;
971 if(rate
< group
->min
)
976 /*shaping of aggresive downloaders, with credit file support */
979 int group_rate
= group
->min
, priority_sequence
= lowest_priority
;
981 for_each(ip
, ips
) if(ip
->min
== group
->min
&& ip
->max
> ip
->min
)
983 ip
->realquota
=ip
->credit
+(ip
->min
*ip
->keyword
->data_limit
+(ip
->keyword
->fixed_limit
<<20));
984 if( ip
->keyword
->data_limit
985 and not ip
->fixedprio
986 and ip
->traffic
> ip
->realquota
)
988 if(group_rate
< ip
->max
)
990 ip
->max
= group_rate
;
992 group_rate
+=magic_treshold
;
993 ip
->prio
=lowest_priority
;
994 if(ip
->prio
<highest_priority
+2)
996 ip
->prio
=highest_priority
+2;
1001 if( ip
->keyword
->data_prio
1003 && ( ip
->traffic
>ip
->credit
1004 + (ip
->min
*ip
->keyword
->data_prio
+(ip
->keyword
->fixed_prio
<<20))) )
1006 ip
->prio
=priority_sequence
--;
1007 if(ip
->prio
<highest_priority
+1)
1009 ip
->prio
=highest_priority
+1;
1015 unsigned long long lcredit
=0;
1017 if((ip
->min
*ip
->keyword
->data_limit
+(ip
->keyword
->fixed_limit
<<20))>ip
->traffic
)
1019 lcredit
=(ip
->min
*ip
->keyword
->data_limit
+(ip
->keyword
->fixed_limit
<<20))-ip
->traffic
;
1021 fprintf(credit_file
,"%s %Lu\n",ip
->addr
,lcredit
);
1029 fclose(credit_file
);
1037 printf("Reading %s and applying Fair Use Policy rules ... \n", classmap
);
1045 if_exists(ip
,ips
,eq(ip
->addr
,_
))
1048 if(ip
->max
< ip
->desired
) /* apply FUP limit immediately.... */
1050 printf("Applying limit for %-22s %-16s %04d ", ip
->name
, ip
->addr
, ip
->mark
);
1051 printf("(down: %dk-%dk ", ip
->min
, ip
->max
);
1052 sprintf(str
, "%s class change dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d",
1053 tc
, lan
, ip
->group
, ip
->mark
,ip
->min
,ip
->max
, burst
, ip
->prio
);
1055 printf("up: %dk-%dk)\n", (int)((ip
->min
/ip
->keyword
->asymetry_ratio
)-ip
->keyword
->asymetry_fixed
),
1056 (int)((ip
->max
/ip
->keyword
->asymetry_ratio
)-ip
->keyword
->asymetry_fixed
));
1057 sprintf(str
,"%s class change dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d",
1058 tc
, wan
, ip
->group
, ip
->mark
,
1059 (int)((ip
->min
/ip
->keyword
->asymetry_ratio
)-ip
->keyword
->asymetry_fixed
),
1060 (int)((ip
->max
/ip
->keyword
->asymetry_ratio
)-ip
->keyword
->asymetry_fixed
), burst
, ip
->prio
);
1069 puts("Warning - classmap file not fund, just generating preview ...");
1070 start_shaping
=FALSE
;
1072 done
; /* ugly macro end */
1075 json_traffic
=json_preview
;
1078 if(!dry_run
&& !just_flush
)
1080 /*-----------------------------------------------------------------*/
1081 printf("Writing json traffic overview %s ... ", json_traffic
);
1082 /*-----------------------------------------------------------------*/
1083 write_json_traffic(json_traffic
);
1086 /*-----------------------------------------------------------------*/
1087 printf("Writing statistics into HTML page %s ...\n", html
);
1088 /*-----------------------------------------------------------------*/
1089 write_htmlandlogs(json_traffic
,d
,total
, just_preview
);
1098 printf("Statistics preview generated (-%c switch) - now exiting ...\n", swchar
);
1104 printf("%-22s %-15s mark\n","name","ip");
1107 printf("Writing %s ... ", classmap
);
1108 f
= fopen(classmap
, "w");
1114 /*-----------------------------------------------------------------*/
1115 puts("Generating iptables and tc classes ... ");
1116 /*-----------------------------------------------------------------*/
1118 for_each(ip
, ips
) if(ip
->mark
> 0)
1123 duplicate(ip
->addr
,buf
);
1124 buf
=index_id(ip
->addr
,32-idxtable_bitmask1
);
1126 string(chain_forward
,6+strlen(buf
));
1127 strcpy(chain_forward
,"forw_");
1128 strcat(chain_forward
,buf
);
1130 string(chain_postrouting
,6+strlen(buf
));
1131 strcpy(chain_postrouting
,"post_");
1132 strcat(chain_postrouting
,buf
);
1138 chain_forward
="FORWARD";
1139 chain_postrouting
="POSTROUTING";
1143 printf("%-22s %-16s %04d ", ip
->name
, ip
->addr
, ip
->mark
);
1146 /* -------------------------------------------------------- mark download */
1148 sprintf(str
, "-A %s -d %s/32 -o %s -j %s%d",
1149 chain_postrouting
, ip
->addr
, lan
, mark_iptables
, ip
->mark
);
1150 /*sprintf(str,"-A %s -d %s/32 -o %s -j MARK --set-mark %d",chain_postrouting,ip->addr,lan,ip->mark);*/
1151 /* -m limit --limit 1/s */
1156 sprintf(str
, "-A %s -s %s -p tcp --sport %d -d %s/32 -o %s -j %s%d",
1157 chain_postrouting
, proxy_ip
, proxy_port
, ip
->addr
, lan
, mark_iptables
, ip
->mark
);
1158 /*sprintf(str,"-A %s -s %s -p tcp --sport %d -d %s/32 -o %s -j MARK --set-mark %d",chain_postrouting,proxy_ip,proxy_port,ip->addr,lan,ip->mark);*/
1162 sprintf(str
, "-A %s -d %s/32 -o %s -j ACCEPT",
1163 chain_postrouting
, ip
->addr
, lan
);
1166 /* -------------------------------------------------------- mark upload */
1167 sprintf(str
, "-A %s -s %s/32 -o %s -j %s%d",
1168 chain_forward
, ip
->addr
, wan
, mark_iptables
, ip
->mark
);
1169 /* sprintf(str,"-A %s -s %s/32 -o %s -j MARK --set-mark %d",chain_forward,ip->addr,wan,ip->mark);*/
1172 sprintf(str
, "-A %s -s %s/32 -o %s -j ACCEPT",
1173 chain_forward
, ip
->addr
, wan
);
1178 /* -------------------------------------------------------- download class */
1180 printf("(down: %dk-%dk ", ip
->min
, ip
->max
);
1183 sprintf(str
, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d",
1184 tc
, lan
, ip
->group
, ip
->mark
,ip
->min
,ip
->max
, burst
, ip
->prio
);
1187 if(strcmpi(ip
->keyword
->leaf_discipline
, "none"))
1189 sprintf(str
, "%s qdisc add dev %s parent 1:%d handle %d %s",
1190 tc
, lan
, ip
->mark
, ip
->mark
, ip
->keyword
->leaf_discipline
); /*qos_leaf*/
1194 if(filter_type
== 1)
1196 sprintf(str
, "%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d",
1197 tc
, lan
, ip
->mark
, ip
->mark
);
1201 /* -------------------------------------------------------- upload class */
1203 printf("up: %dk-%dk)\n", (int)((ip
->min
/ip
->keyword
->asymetry_ratio
)-ip
->keyword
->asymetry_fixed
),
1204 (int)((ip
->max
/ip
->keyword
->asymetry_ratio
)-ip
->keyword
->asymetry_fixed
));
1207 sprintf(str
,"%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d",
1208 tc
, wan
, ip
->group
, ip
->mark
,
1209 (int)((ip
->min
/ip
->keyword
->asymetry_ratio
)-ip
->keyword
->asymetry_fixed
),
1210 (int)((ip
->max
/ip
->keyword
->asymetry_ratio
)-ip
->keyword
->asymetry_fixed
), burst
, ip
->prio
);
1213 if(strcmpi(ip
->keyword
->leaf_discipline
, "none"))
1215 sprintf(str
, "%s qdisc add dev %s parent 1:%d handle %d %s",
1216 tc
, wan
, ip
->mark
, ip
->mark
, ip
->keyword
->leaf_discipline
); /*qos_leaf*/
1220 if(filter_type
== 1)
1222 sprintf(str
, "%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d",
1223 tc
, wan
, ip
->mark
, ip
->mark
);
1229 fprintf(f
, "%s %d\n", ip
->addr
, ip
->mark
);
1235 printf("(sharing %s)\n", ip
->sharing
);
1248 chain_forward
= "forw_common";
1249 chain_postrouting
= "post_common";
1253 chain_forward
= "FORWARD";
1254 chain_postrouting
= "POSTROUTING";
1256 /* -------------------------------- classify or reject free download */
1258 char *final_chain
= "DROP"; /* REJECT would be better, but it is impossible in mangle */
1261 final_chain
= "ACCEPT";
1267 sprintf(str
,"-A %s -s %s -p tcp --sport %d -o %s -j %s%d",
1268 chain_postrouting
,proxy_ip
,proxy_port
,lan
,mark_iptables
,3);
1271 sprintf(str
,"-A %s -s %s -p tcp --sport %d -o %s -j %s",
1272 chain_postrouting
,proxy_ip
,proxy_port
,lan
,final_chain
);
1277 sprintf(str
,"-A %s -o %s -j %s%d", chain_postrouting
, lan
, mark_iptables
, 3);
1280 sprintf(str
,"-A %s -o %s -j %s", chain_postrouting
, lan
, final_chain
);
1282 /* ------------------------------- classify or reject free upload */
1285 sprintf(str
,"-A %s -o %s -j %s%d", chain_forward
, wan
, mark_iptables
, 3);
1288 sprintf(str
,"-A %s -o %s -j %s", chain_forward
, wan
, final_chain
);
1292 if(free_min
) /* allocate free bandwith if it is not zero... */
1294 /*-----------------------------------------------------------------*/
1295 puts("Generating free bandwith classes ...");
1296 /*-----------------------------------------------------------------*/
1297 sprintf(str
, "%s class add dev %s parent 1:%d classid 1:3 htb rate %dkbit ceil %dkbit burst %dk prio %d",
1298 tc
, lan
, parent
, free_min
, free_max
,burst
, lowest_priority
);
1300 sprintf(str
, "%s class add dev %s parent 1:%d classid 1:3 htb rate %dkbit ceil %dkbit burst %dk prio %d",
1301 tc
, wan
, parent
, free_min
, free_max
, burst
, lowest_priority
);
1304 if(strcmpi(qos_leaf
, "none"))
1306 sprintf(str
,"%s qdisc add dev %s parent 1:3 handle 3 %s", tc
, lan
, qos_leaf
);
1309 sprintf(str
,"%s qdisc add dev %s parent 1:3 handle 3 %s", tc
, wan
, qos_leaf
);
1312 /* tc handle 1 fw flowid */
1313 sprintf(str
,"%s filter add dev %s parent 1:0 protocol ip handle 3 fw flowid 1:3", tc
, lan
);
1316 sprintf(str
,"%s filter add dev %s parent 1:0 protocol ip handle 3 fw flowid 1:3", tc
, wan
);
1319 printf("Total IP count: %d\n", i
);
1326 /* that's all folks, thank you for reading it all the way up to this point ;-) */
1327 /* bad luck C<<1 is not yet finished, I promise no sprintf() next time... */