2600d4398ea3ae0031ac6f58c3c78f2f4b3dfabf
3 # please read the README before filling out these values
5 # Set the following values to somewhat less than your actual download
6 # and uplink speed. In kilobits. Also set the device that is to be shaped.
12 # low priority OUTGOING traffic - you can leave this blank if you want
13 # low priority source netmasks
16 # low priority destination netmasks
19 # low priority source ports
22 # low priority destination ports
25 if [ "$1" = "status" ]
27 tc
-s qdisc
ls dev
$DEV
28 tc
-s class
ls dev
$DEV
32 # clean existing down- and uplink qdiscs, hide errors
33 tc qdisc del dev
$DEV root
2> /dev
/null
> /dev
/null
34 tc qdisc del dev
$DEV ingress
2> /dev
/null
> /dev
/null
38 # install root HTB, point default traffic to 1:20:
40 tc qdisc add dev
$DEV root handle
1: htb default
20
42 # shape everything at $UPLINK speed - this prevents huge queues in your
43 # DSL modem which destroy latency:
45 tc class add dev
$DEV parent
1: classid
1:1 htb rate
${UPLINK}kbit burst
6k
47 # high prio class 1:10:
49 tc class add dev
$DEV parent
1:1 classid
1:10 htb rate
${UPLINK}kbit \
52 # bulk & default class 1:20 - gets slightly less traffic,
53 # and a lower priority:
55 tc class add dev
$DEV parent
1:1 classid
1:20 htb rate $
((9*$UPLINK/10))kbit \
58 tc class add dev
$DEV parent
1:1 classid
1:30 htb rate $
((8*$UPLINK/10))kbit \
61 # all get Stochastic Fairness:
62 tc qdisc add dev
$DEV parent
1:10 handle
10: sfq perturb
10
63 tc qdisc add dev
$DEV parent
1:20 handle
20: sfq perturb
10
64 tc qdisc add dev
$DEV parent
1:30 handle
30: sfq perturb
10
66 # TOS Minimum Delay (ssh, NOT scp) in 1:10:
68 tc filter add dev
$DEV parent
1:0 protocol ip prio
10 u32 \
69 match ip tos
0x10 0xff flowid
1:10
71 # ICMP (ip protocol 1) in the interactive class 1:10 so we
72 # can do measurements & impress our friends:
73 tc filter add dev
$DEV parent
1:0 protocol ip prio
10 u32 \
74 match ip protocol
1 0xff flowid
1:10
76 # To speed up downloads while an upload is going on, put ACK packets in
77 # the interactive class:
79 tc filter add dev
$DEV parent
1: protocol ip prio
10 u32 \
80 match ip protocol
6 0xff \
81 match u8
0x05 0x0f at 0 \
82 match u16
0x0000 0xffc0 at 2 \
83 match u8
0x10 0xff at 33 \
86 # rest is 'non-interactive' ie 'bulk' and ends up in 1:20
88 # some traffic however suffers a worse fate
89 for a
in $NOPRIOPORTDST
91 tc filter add dev
$DEV parent
1: protocol ip prio
14 u32 \
92 match ip dport
$a 0xffff flowid
1:30
95 for a
in $NOPRIOPORTSRC
97 tc filter add dev
$DEV parent
1: protocol ip prio
15 u32 \
98 match ip sport
$a 0xffff flowid
1:30
101 for a
in $NOPRIOHOSTSRC
103 tc filter add dev
$DEV parent
1: protocol ip prio
16 u32 \
104 match ip src
$a flowid
1:30
107 for a
in $NOPRIOHOSTDST
109 tc filter add dev
$DEV parent
1: protocol ip prio
17 u32 \
110 match ip dst
$a flowid
1:30
113 # rest is 'non-interactive' ie 'bulk' and ends up in 1:20
115 tc filter add dev
$DEV parent
1: protocol ip prio
18 u32 \
116 match ip dst
0.0.0.0/0 flowid
1:20
119 ########## downlink #############
120 # slow downloads down to somewhat less than the real speed to prevent
121 # queuing at our ISP. Tune to see how high you can set it.
122 # ISPs tend to have *huge* queues to make sure big downloads are fast
124 # attach ingress policer:
126 tc qdisc add dev
$DEV handle ffff
: ingress
128 # filter *everything* to it (0.0.0.0/0), drop everything that's
129 # coming in too fast:
131 tc filter add dev
$DEV parent ffff
: protocol ip prio
50 u32 match ip src \
132 0.0.0.0/0 police rate
${DOWNLINK}kbit burst
10k drop flowid
:1