struct Group *groups = NULL, *group;\r
struct Keyword *keyword, *defaultkeyword=NULL, *keywords=NULL;\r
\r
+#define FREE_CLASS 3\r
+#define OVERLIMIT_CLASS 4\r
+\r
void help(void);\r
/* implemented in help.c */
\r
sprintf(str,"-A FORWARD -d %s -o %s -j ACCEPT", qos_free_zone, wan);\r
iptables_save_line(str, FALSE); /* this is currently supported only for IPv4 */\r
\r
+/*\r
if(qos_proxy)\r
{\r
iptables_save_line(":post_noproxy - [0:0]", FALSE);\r
\r
chain="post_noproxy"; \r
}\r
+\r
else\r
{\r
- chain="POSTROUTING";\r
- }\r
+*/\r
+ chain = "POSTROUTING";\r
+// }\r
\r
sprintf(str,"-A %s -s %s -o %s -j ACCEPT", chain, qos_free_zone, lan);\r
iptables_save_line(str, FALSE);\r
chain_postrouting="POSTROUTING";\r
}\r
\r
- /* packet limits - this will be optional in future, hardcoded for now */\r
+ /* packet limits - this will be optional in future */\r
if(ip->pps_limit)\r
{\r
sprintf(limit_pkts, "-m limit --limit %d/s --limit-burst %d ", \r
lan, mark_iptables, ip->mark);\r
iptables_save_line(str, ip->v6);\r
\r
+/*\r
if(qos_proxy)\r
{\r
sprintf(str, "-A %s -s %s -p tcp --sport %d -d %s/%d -o %s -j %s%d",\r
32*(1+ip->v6), lan, mark_iptables, ip->mark);\r
iptables_save_line(str, ip->v6);\r
}\r
-\r
+*/\r
sprintf(str, "-A %s -d %s/%d -o %s %s-j ACCEPT",\r
chain_postrouting, ip->addr, 32*(1+ip->v6), lan, limit_pkts);\r
iptables_save_line(str, ip->v6);\r
\r
+ /* classify overlimit packets to separate overlimit class */\r
+ sprintf(str, "-A %s -d %s/%d -o %s -j %s%d",\r
+ chain_postrouting, ip->addr, 32*(1+ip->v6),\r
+ lan, mark_iptables, OVERLIMIT_CLASS);\r
+ iptables_save_line(str, ip->v6);\r
+\r
+ sprintf(str, "-A %s -d %s/%d -o %s -j ACCEPT",\r
+ chain_postrouting, ip->addr, 32*(1+ip->v6), lan);\r
+ iptables_save_line(str, ip->v6);\r
+\r
/* -------------------------------------------------------- mark upload */\r
sprintf(str, "-A %s -s %s/%d -o %s -j %s%d", \r
chain_forward, ip->addr, 32*(1+ip->v6), wan, mark_iptables, ip->mark);\r
chain_forward, ip->addr, 32*(1+ip->v6), wan, limit_pkts);\r
iptables_save_line(str, ip->v6);\r
\r
+ /* classify overlimit packets to separate overlimit class */\r
+ sprintf(str, "-A %s -s %s/%d -o %s -j %s%d", \r
+ chain_forward, ip->addr, 32*(1+ip->v6), wan, mark_iptables, OVERLIMIT_CLASS);\r
+ iptables_save_line(str, ip->v6);\r
+\r
+ sprintf(str, "-A %s -s %s/%d -o %s -j ACCEPT",\r
+ chain_forward, ip->addr, 32*(1+ip->v6), wan);\r
+ iptables_save_line(str, ip->v6);\r
+\r
if(ip->min)\r
{\r
/* -------------------------------------------------------- download class */\r
final_chain = "ACCEPT";\r
}\r
\r
+/*\r
if(qos_proxy)\r
{\r
if(free_min) \r
{\r
sprintf(str, "-A %s -s %s -p tcp --sport %d -o %s -j %s%d",\r
chain_postrouting,proxy_ip,proxy_port,lan,mark_iptables, 3);\r
- iptables_save_line(str, FALSE); /* only for IPv4 */\r
+ iptables_save_line(str, FALSE); // only for IPv4\r
}\r
sprintf(str, "-A %s -s %s -p tcp --sport %d -o %s -j %s",\r
chain_postrouting,proxy_ip,proxy_port,lan,final_chain);\r
- iptables_save_line(str, FALSE); /* only for IPv4 */\r
+ iptables_save_line(str, FALSE); // only for IPv4\r
}\r
+*/\r
\r
if(free_min)\r
{\r
sprintf(str, "-A %s -o %s -j %s%d",\r
- chain_postrouting, lan, mark_iptables, 3);\r
+ chain_postrouting, lan, mark_iptables, FREE_CLASS);\r
iptables_save_line(str, FALSE); /* only for IPv4 */\r
}\r
\r
\r
if(free_min)\r
{\r
- sprintf(str,"-A %s -o %s -j %s%d", chain_forward, wan, mark_iptables, 3);\r
+ sprintf(str,"-A %s -o %s -j %s%d", chain_forward, wan, mark_iptables, FREE_CLASS);\r
iptables_save_line(str, FALSE); /* only for IPv4 */\r
}\r
\r
if(free_min) /* allocate free bandwith if it is not zero... */ \r
{\r
/*-----------------------------------------------------------------*/\r
- puts("Generating free bandwith classes ...");\r
+ puts("Generating free bandwith class ...");\r
/*-----------------------------------------------------------------*/\r
- sprintf(str, "%s class add dev %s parent 1:%d classid 1:3 htb rate %dkbit ceil %dkbit burst %dk prio %d",\r
- tc, lan, parent, free_min, free_max,burst, lowest_priority);\r
+ sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d",\r
+ tc, lan, parent, FREE_CLASS, free_min, free_max,burst, lowest_priority);\r
safe_run(str);\r
- sprintf(str, "%s class add dev %s parent 1:%d classid 1:3 htb rate %dkbit ceil %dkbit burst %dk prio %d",\r
- tc, wan, parent, free_min, free_max, burst, lowest_priority);\r
+ sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d",\r
+ tc, wan, parent, FREE_CLASS, free_min, free_max, burst, lowest_priority);\r
safe_run(str);\r
/* tc SFQ */\r
if(strcmpi(qos_leaf, "none"))\r
{\r
- sprintf(str,"%s qdisc add dev %s parent 1:3 handle 3 %s", tc, lan, qos_leaf);\r
+ sprintf(str,"%s qdisc add dev %s parent 1:%d handle %d %s", tc, lan, FREE_CLASS, FREE_CLASS, qos_leaf);\r
safe_run(str);\r
\r
- sprintf(str,"%s qdisc add dev %s parent 1:3 handle 3 %s", tc, wan, qos_leaf);\r
+ sprintf(str,"%s qdisc add dev %s parent 1:%d handle %d %s", tc, wan, FREE_CLASS, FREE_CLASS, qos_leaf);\r
safe_run(str);\r
} \r
/* tc handle 1 fw flowid */\r
- sprintf(str,"%s filter add dev %s parent 1:0 protocol ip handle 3 fw flowid 1:3", tc, lan);\r
+ sprintf(str,"%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d", tc, lan, FREE_CLASS, FREE_CLASS);\r
+ safe_run(str);\r
+\r
+ sprintf(str,"%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d", tc, wan, FREE_CLASS, FREE_CLASS);\r
safe_run(str);\r
\r
- sprintf(str,"%s filter add dev %s parent 1:0 protocol ip handle 3 fw flowid 1:3", tc, wan);\r
+ /*-----------------------------------------------------------------*/\r
+ puts("Generating bandwith class for overlimit packets...");\r
+ /*-----------------------------------------------------------------*/\r
+ sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d",\r
+ tc, lan, parent, OVERLIMIT_CLASS, 1024, 4096, burst, lowest_priority);\r
+ safe_run(str);\r
+ sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d",\r
+ tc, wan, parent, OVERLIMIT_CLASS, 1024, 4096, burst, lowest_priority);\r
safe_run(str);\r
}\r
printf("Total IP count: %d\n", i);\r