extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 17:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add tcfilters to manpage index

Browse Source
This commit is contained in:
Tom Eastep 2010-06-10 06:15:15 -07:00
parent 6040f02bb0
commit 625f254d02
4 changed files with 63 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -443,7 +443,7 @@ sub process_flow($) {
} }
sub process_simple_device() { sub process_simple_device() {
my ( $device , $type , $bandwidth ) = split_line 1, 3, 'tcinterfaces'; my ( $device , $type , $in_bandwidth , $out_part ) = split_line 1, 4, 'tcinterfaces';
fatal_error "Duplicate INTERFACE ($device)" if $tcdevices{$device}; fatal_error "Duplicate INTERFACE ($device)" if $tcdevices{$device};
fatal_error "Invalid INTERFACE name ($device)" if $device =~ /[:+]/; fatal_error "Invalid INTERFACE name ($device)" if $device =~ /[:+]/;
@ -463,7 +463,7 @@ sub process_simple_device() {
} }
} }
$bandwidth = rate_to_kbit( $bandwidth ); $in_bandwidth = rate_to_kbit( $in_bandwidth );
emit "if interface_is_up $physical; then"; emit "if interface_is_up $physical; then";
@ -475,10 +475,49 @@ sub process_simple_device() {
); );
emit ( "run_tc qdisc add dev $physical handle ffff: ingress", emit ( "run_tc qdisc add dev $physical handle ffff: ingress",
"run_tc filter add dev $physical parent ffff: protocol all prio 10 u32 match ip src 0.0.0.0/0 police rate ${bandwidth}kbit burst 10k drop flowid :1\n" "run_tc filter add dev $physical parent ffff: protocol all prio 10 u32 match ip src 0.0.0.0/0 police rate ${in_bandwidth}kbit burst 10k drop flowid :1\n"
) if $bandwidth; ) if $in_bandwidth;
emit "run_tc qdisc add dev $physical root handle $number: prio bands 3 priomap $config{TC_PRIOMAP}"; if ( $out_part ne '-' ) {
my ( $out_bandwidth, $burst, $latency, $peak, $minburst ) = split ':', $out_part;
fatal_error "Invalid OUT-BANDWIDTH ($out_part)" if ( defined $minburst && $minburst =~ /:/ ) || $out_bandwidth eq '';
$out_bandwidth = rate_to_kbit( $out_bandwidth );
my $command = "run_tc qdisc add dev $physical root handle $number: tbf rate $out_bandwidth";
if ( defined $burst && $burst ne '' ) {
fatal_error "Invalid burst ($burst)" unless $burst =~ /^\d+(k|kb|m|mb|mbit|kbit|b)?$/;
$command .= " burst $burst";
} else {
fatal_error "Missing OUT-BANDWIDTH Burst ($out_part)";
if ( defined $latency && $latency ne '' ) {
fatal_error "Invalid latency ($latency)" unless $latency =~ /\d+(s|sec|secs|ms|msec|msecs|us|usec|usecs)$?/
$command .= " latency $latency"
} else {
fatal_error "Missing OUT-BANDWIDTH Latency ($out_part)";
}
if ( defined $peak && $peak ne '' ) {
$peak = rate_to_kbit( $peak );
$command .= " peakrate $peak";
}
if ( defined $minburst && $minburst ne '' ) {
fatal_error "Invalid minburst ($minburst)" unless $minburst =~ /^\d+(k|kb|m|mb|mbit|kbit|b)?$/;
$command .= " minburst $minburst";
}
emit $command;
my $id = $number; $number = in_hexp( $devnum |= 0x100 );
emit "run_tc qdisc add dev $physical parent $id: handle $number: prio bands 3 priomap $config{TC_PRIOMAP}";
} else {
emit "run_tc qdisc add dev $physical root handle $number: prio bands 3 priomap $config{TC_PRIOMAP}";
}
for ( my $i = 1; $i <= 3; $i++ ) { for ( my $i = 1; $i <= 3; $i++ ) {
emit "run_tc qdisc add dev $physical parent $number:$i handle ${number}${i}: sfq quantum 1875 limit 127 perturb 10"; emit "run_tc qdisc add dev $physical parent $number:$i handle ${number}${i}: sfq quantum 1875 limit 127 perturb 10";

2
Shorewall/changelog.txt
View File

@ -1,6 +1,6 @@
Changes in Shorewall 4.4.11 Changes in Shorewall 4.4.11
1) Retain UPnP and dynamic blacklist over 'restart'. 1) Allow rate limiting with Simple Traffic Shaping.
Changes in Shorewall 4.4.10 Changes in Shorewall 4.4.10

15
Shorewall/releasenotes.txt
View File

@ -230,8 +230,19 @@ None.
V. N E W F E A T U R E S I N T H I S R E L E A S E V. N E W F E A T U R E S I N T H I S R E L E A S E
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
1) Beginning with this release, UPnP state and the dynamic blacklist 1) Beginning with this release, Simple Traffic Shaping allows rate
are preserved across 'restart'. limiting of outbound traffic using a Token Bucket Filter (man
tc-tbf).
The /etc/shorewall/tcinterfaces file has an additional column
(OUT-BANDWIDTH).
The format of this column is:
<rate>:<burst>:<latency>[:<peakrate>[:<minburst>]]
See the tc and tc-tbf manpages for information about these
parameters.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
V I. P R O B L E M S C O R R E C T E D A N D N E W F E A T U R E S V I. P R O B L E M S C O R R E C T E D A N D N E W F E A T U R E S

5
docs/Manpages.xml
View File

@ -137,6 +137,11 @@
url="manpages/shorewall-tcdevices.html">tcdevices</ulink> - Specify url="manpages/shorewall-tcdevices.html">tcdevices</ulink> - Specify
speed of devices for traffic shaping.</member> speed of devices for traffic shaping.</member>
<member><ulink
url="manpages/shorewall-tcfilters.html">tcfilters</ulink> - Classify
traffic for shaping; often used with an IFB to shape ingress
traffic.</member>
<member><ulink <member><ulink
url="manpages/shorewall-tcinterfaces.html">tcinterfaces</ulink> - url="manpages/shorewall-tcinterfaces.html">tcinterfaces</ulink> -
Specify devices for simplified traffic shaping.</member> Specify devices for simplified traffic shaping.</member>