tc blocks traffic from some hosts on the network


I have a problem that I can't solve.

The script, which sets up the rules for traffic shaping, is blocking traffic from some hosts. If I remove all the rules, it works. I can't understand why. Here is my script ...

#!/bin/sh

cmdTC=/sbin/tc

rateLANDl="60mbit"
ceilLANDl="60mbit"
rateLANUl="40mbit"
ceilLANUl="40mbit"
quantLAN="1514"

# The bandwidth limit is currently set to 100mbit.
# We divide it into a 60mbit download band and a 40mbit upload band.

rateHiDl="30mbit"
ceilHiDl="60mbit"
rateHiUl="20mbit"
ceilHiUl="40mbit"
quantHi="1514"

rateLoDl="30mbit"
ceilLoDl="60mbit"
rateLoUl="20mbit"
ceilLoUl="40mbit"
quantLo="1514"

devNIF=eth0
devFIF=ifb0

modprobe ifb
ip link set $devFIF up 2>/dev/null

#exit 0

################################################################################################
# Remove disciplines from network and fake interfaces
################################################################################################
$cmdTC qdisc del dev $devNIF root 2>/dev/null
$cmdTC qdisc del dev $devFIF root 2>/dev/null
$cmdTC qdisc del dev $devNIF ingress 2>/dev/null

if [ "$1" = "down" ]; then
    exit 0
fi

################################################################################################
# Create disciplines for network interface
################################################################################################
$cmdTC qdisc add dev $devNIF root handle 1:0 htb default 12

# Create classes for network interface
$cmdTC class add dev $devNIF parent 1:0 classid 1:1 htb rate ${rateLANDl} ceil ${ceilLANDl} quantum ${quantLAN}
$cmdTC class add dev $devNIF parent 1:1 classid 1:11 htb rate ${rateHiDl} ceil ${ceilHiDl} quantum ${quantHi}
$cmdTC class add dev $devNIF parent 1:1 classid 1:12 htb rate ${rateLoDl} ceil ${ceilLoDl} quantum ${quantLo}

$cmdTC qdisc add dev $devNIF parent 1:11 handle 111: sfq perturb 10
$cmdTC qdisc add dev $devNIF parent 1:12 handle 112: sfq perturb 10

# Create filters for network interface
$cmdTC filter add dev $devNIF protocol all parent 1:0 u32 match ip dst 10.252.2.0/24 flowid 1:11
$cmdTC filter add dev $devNIF protocol all parent 111: handle 111 flow hash keys dst divisor 1024 baseclass 1:11

$cmdTC filter add dev $devNIF protocol all parent 112: handle 112 flow hash keys dst divisor 1024 baseclass 1:12

################################################################################################
# Create disciplines for fake interface
################################################################################################
$cmdTC qdisc add dev $devFIF root handle 1:0 htb default 12

# Create classes for fake interface
$cmdTC class add dev $devFIF parent 1:0 classid 1:1 htb rate ${rateLANUl} ceil ${ceilLANUl} quantum ${quantLAN}
$cmdTC class add dev $devFIF parent 1:1 classid 1:11 htb rate ${rateHiUl} ceil ${ceilHiUl} quantum ${quantHi}
$cmdTC class add dev $devFIF parent 1:1 classid 1:12 htb rate ${rateLoUl} ceil ${ceilLoUl} quantum ${quantLo}

$cmdTC qdisc add dev $devFIF parent 1:11 handle 111: sfq perturb 10
$cmdTC qdisc add dev $devFIF parent 1:12 handle 112: sfq perturb 10

# Create filters for fake interface
$cmdTC filter add dev $devFIF protocol all parent 1:0 u32 match ip src 10.252.2.0/24 flowid 1:11
$cmdTC filter add dev $devFIF protocol all parent 111: handle 111 flow hash keys src divisor 1024 baseclass 1:11

$cmdTC filter add dev $devFIF protocol all parent 112: handle 112 flow hash keys src divisor 1024 baseclass 1:12

################################################################################################
# Create redirect disciplines from network to fake interface
################################################################################################
$cmdTC qdisc add dev $devNIF handle ffff:0 ingress
$cmdTC filter add dev $devNIF parent ffff:0 protocol all u32 match u32 0 0 action mirred egress redirect dev $devFIF

Here is my /etc/modules:

loop
ifb
ppp_mppe
nf_conntrack_pptp
nt_conntrack_proto_gre
nf_nat_pptp
nf_nat_proto_gre

The system is Linux wall 2.6.32-5-amd64 #1 SMP Sun Sep 23 10:07:46 UTC 2012 x86_64 GNU/Linux

    
by Dzmitry Shykuts 03.10.2012 / 09:01

0 answers
