Bonsoir,
j'ai quelques soucis avec un script utilisant l'outil TC pour faire du QoS et traffic shaping.
J'ai loadé les modules suivants: ipt_TOS, cls_fw, cls_u32, sch_sfq, sch_prio, sch_htb.
Voilà le contenu du script:
---------------------------------------------------------------------------------
#!/bin/sh
##
#
# throttle.fw: Set the bandwidth policy, based on FWMARK
#
# Set your limits in the defines at the top. Someday this will be
# integrated into the nocat.conf...
#
##
# Note: your PATH is inherited from the gateway process
#
TOTAL_DOWN=256kbit
TOTAL_UP=128kbit
OWNER_DOWN=256kbit # fw mark 1
OWNER_UP=128kbit
OWNER_OPTIONS=""
COOP_DOWN=128kbit # fw mark 2
COOP_UP=64kbit
COOP_OPTIONS=""
PUBLIC_DOWN=32kbit # fw mark 3
PUBLIC_UP=32kbit
PUBLIC_OPTIONS="bounded"
OPTIONS="allot 1514 maxburst 20 avpkt 1000 prio 1"
METHOD="sfq quantum 1514b perturb 15"
##
# Now, the rules
##
#
# First, flush any existing root queues
#
tc qdisc del dev $InternalDevice root handle 10:
tc qdisc del dev $ExternalDevice root handle 20:
#
# Specify the queue discipline for both interfaces
#
tc qdisc add dev $InternalDevice root handle 10: cbq bandwidth 10Mbit avpkt 1000
tc qdisc add dev $ExternalDevice root handle 20: cbq bandwidth 10Mbit avpkt 1000
#
# Specify the root class (filling all bandwidth.)
# All other classes descend from these.
#
tc class add dev $InternalDevice \
parent 10:0 classid 10:1 cbq bandwidth 10Mbit rate $TOTAL_DOWN $OPTIONS
tc class add dev $ExternalDevice \
parent 20:0 classid 20:1 cbq bandwidth 10Mbit rate $TOTAL_UP $OPTIONS
##
# Define the user classes
##
#
# Owner class
#
tc class add dev $InternalDevice \
parent 10:1 classid 10:100 cbq bandwidth 10Mbit rate $OWNER_DOWN $OPTIONS $OWNER_OPTIONS
tc class add dev $ExternalDevice \
parent 20:1 classid 20:100 cbq bandwidth 10Mbit rate $OWNER_UP $OPTIONS $OWNER_OPTIONS
#
# Coop class
#
tc class add dev $InternalDevice \
parent 10:1 classid 10:200 cbq bandwidth 10Mbit rate $COOP_DOWN $OPTIONS $COOP_OPTIONS
tc class add dev $ExternalDevice \
parent 20:1 classid 20:200 cbq bandwidth 10Mbit rate $COOP_UP $OPTIONS $COOP_OPTIONS
#
# Public class
#
tc class add dev $InternalDevice \
parent 10:1 classid 10:300 cbq bandwidth 10Mbit rate $PUBLIC_DOWN $OPTIONS $PUBLIC_OPTIONS
tc class add dev $ExternalDevice \
parent 20:1 classid 20:300 cbq bandwidth 10Mbit rate $PUBLIC_UP $OPTIONS $PUBLIC_OPTIONS
##
# Add the queue management rules
##
tc qdisc add dev $InternalDevice parent 10:100 $METHOD
tc qdisc add dev $InternalDevice parent 10:200 $METHOD
tc qdisc add dev $InternalDevice parent 10:300 $METHOD
tc qdisc add dev $ExternalDevice parent 20:100 $METHOD
tc qdisc add dev $ExternalDevice parent 20:200 $METHOD
tc qdisc add dev $ExternalDevice parent 20:300 $METHOD
##
# Finally, filter each fwmark to the above defined classes
##
tc filter add dev $InternalDevice protocol ip parent 10: prio 1 handle 1 fw classid 10:100
tc filter add dev $InternalDevice protocol ip parent 10: prio 1 handle 2 fw classid 10:200
tc filter add dev $InternalDevice protocol ip parent 10: prio 1 handle 3 fw classid 10:300
tc filter add dev $ExternalDevice protocol ip parent 20: prio 1 handle 1 fw classid 20:100
tc filter add dev $ExternalDevice protocol ip parent 20: prio 1 handle 2 fw classid 20:200
tc filter add dev $ExternalDevice protocol ip parent 20: prio 1 handle 3 fw classid 20:300
###
## Now, the iptables rules
###
iptables -A OUTPUT -t mangle -p tcp --dport 22 -j TOS --set-tos Minimize-Delay
iptables -A OUTPUT -t mangle -p tcp --dport 80 -j TOS --set-tos Maximize-Throughput
iptables -A OUTPUT -t mangle -p tcp --dport 443 -j TOS --set-tos Maximize-Throughput
---------------------------------------------------------------------------------
J'ai rendu ce script exécutable, et quand je le lance j'ai droit à:
---------------------------------------------------------------------------------
server:/usr/local/nocat/gateway/bin# ./throttle.fw
Cannot find device "root"
Cannot find device "root"
Cannot find device "root"
Cannot find device "root"
Error: Qdisc "10:0" is classless.
Error: Qdisc "20:0" is classless.
Error: Qdisc "10:1" is classless.
Error: Qdisc "20:1" is classless.
Error: Qdisc "10:1" is classless.
Error: Qdisc "20:1" is classless.
Error: Qdisc "10:1" is classless.
Error: Qdisc "20:1" is classless.
Unknown qdisc "10:100", hence option "sfq" is unparsable
Unknown qdisc "10:200", hence option "sfq" is unparsable
Unknown qdisc "10:300", hence option "sfq" is unparsable
Unknown qdisc "20:100", hence option "sfq" is unparsable
Unknown qdisc "20:200", hence option "sfq" is unparsable
Unknown qdisc "20:300", hence option "sfq" is unparsable
Unknown filter "ip", hence option "parent" is unparsable
Unknown filter "ip", hence option "parent" is unparsable
Unknown filter "ip", hence option "parent" is unparsable
Unknown filter "ip", hence option "parent" is unparsable
Unknown filter "ip", hence option "parent" is unparsable
Unknown filter "ip", hence option "parent" is unparsable
---------------------------------------------------------------------------------
Ce script fait partie du système d'autentification Nocat.
Si quelqu'un à une idée... :)
Merci bonne soirée !
Suivre le flux des commentaires
Note : les commentaires appartiennent à celles et ceux qui les ont postés. Nous n’en sommes pas responsables.