#!/bin/sh MAXDOWN=15Mbps MAXUP=60kBps SSHUP=80kBps # Not Throttled BTUP=40kBps HTTPUP=60kBps # Throttled #BTUP=3kBps #HTTPUP=10kBps DEV=ethEXT echo "Clearing shaping rules" tc qdisc del dev $DEV root >/dev/null 2>&1 || true echo "Adding shaping rules" tc qdisc add dev $DEV root handle 1: htb default 14 r2q 5 tc class add dev $DEV parent 1: classid 1:1 htb rate 1Mbps ceil $MAXDOWN tc class add dev $DEV parent 1:1 classid 1:10 htb rate 2kBps ceil $BTUP tc class add dev $DEV parent 1:1 classid 1:11 htb rate 40kBps ceil $SSHUP tc class add dev $DEV parent 1:1 classid 1:12 htb rate 100kBps ceil $MAXDOWN tc class add dev $DEV parent 1:1 classid 1:13 htb rate 2kBps ceil $HTTPUP tc class add dev $DEV parent 1:1 classid 1:14 htb rate 2kBps ceil $BTUP tc qdisc add dev $DEV parent 1:10 handle 10: sfq tc qdisc add dev $DEV parent 1:11 handle 11: sfq tc qdisc add dev $DEV parent 1:12 handle 12: sfq tc qdisc add dev $DEV parent 1:13 handle 13: sfq tc qdisc add dev $DEV parent 1:14 handle 14: sfq tc filter add dev $DEV parent 1: protocol ip prio 4 handle 1 fw flowid 1:10 tc filter add dev $DEV parent 1: protocol ip prio 1 handle 2 fw flowid 1:11 tc filter add dev $DEV parent 1: protocol ip prio 2 handle 3 fw flowid 1:12 tc filter add dev $DEV parent 1: protocol ip prio 3 handle 4 fw flowid 1:13 # Upload iptables -t mangle -A POSTROUTING -o $DEV -p tcp -s 10.0.0.0/8 \ -j MARK --set-mark 1 iptables -t mangle -A POSTROUTING -o $DEV -p tcp -s 127.0.0.0/8 \ -j MARK --set-mark 1 # Mail/HTTP up iptables -t mangle -A POSTROUTING -o $DEV -p tcp -s 10.0.0.0/8 \ -m multiport --dport http,https,pop3,9001,ftp,smtp,smtps,8026 \ -j MARK --set-mark 4 # SSH iptables -t mangle -A POSTROUTING -o $DEV -p tcp --sport ssh -m length \ --length 40:100 -j MARK --set-mark 2 iptables -t mangle -A POSTROUTING -o $DEV -p tcp --dport ssh -m length \ --length 40:100 -j MARK --set-mark 2 # IMAP - It annoys the /hell/ out of me when it's slow.. iptables -t mangle -A POSTROUTING -o $DEV -p tcp -m multiport \ --sport imap,imaps -j MARK --set-mark 2 iptables -t mangle -A POSTROUTING -o $DEV -p tcp -m multiport \ --dport imap,imaps -j MARK --set-mark 2 # Mail/HTTP iptables -t mangle -A POSTROUTING -o $DEV -p tcp -m multiport \ --sport http,https,pop3,9001,ftp,smtp,smtps,8026 -j MARK --set-mark 3