mirror of
https://gitlab.com/shorewall/code.git
synced 2025-01-11 08:08:12 +01:00
Fix 'check -e' and traffic shaping
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
f9685d5ddd
commit
9f69be3295
@ -1512,7 +1512,7 @@ log_rule_limit() # $1 = log level, $2 = chain, $3 = display Chain $4 = dispositi
|
|||||||
error_message "WARNING: Log Prefix shortened to \"$prefix\""
|
error_message "WARNING: Log Prefix shortened to \"$prefix\""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
[ "$COMMAND" = compile ] && prefix="\"$prefix\""
|
[ "$COMMAND" = compile -o "$COMMAND" = check ] && prefix="\"$prefix\""
|
||||||
|
|
||||||
case $level in
|
case $level in
|
||||||
ULOG)
|
ULOG)
|
||||||
@ -1727,45 +1727,55 @@ setup_traffic_shaping()
|
|||||||
|
|
||||||
dev=$(chain_base $device)
|
dev=$(chain_base $device)
|
||||||
|
|
||||||
if [ $COMMAND = compile ]; then
|
case $COMMAND in
|
||||||
save_command "if qt ip link ls dev $device; then"
|
compile|check)
|
||||||
indent="$INDENT"
|
save_command "if qt ip link ls dev $device; then"
|
||||||
INDENT="$INDENT "
|
indent="$INDENT"
|
||||||
save_command ${dev}_exists=Yes
|
INDENT="$INDENT "
|
||||||
save_command qt tc qdisc del dev $device root
|
save_command ${dev}_exists=Yes
|
||||||
save_command qt tc qdisc del dev $device ingress
|
save_command qt tc qdisc del dev $device root
|
||||||
elif ! qt ip link ls dev $device; then
|
save_command qt tc qdisc del dev $device ingress
|
||||||
error_message "WARNING: Device $device not found -- traffic-shaping configuration skipped"
|
;;
|
||||||
return 1
|
*)
|
||||||
fi
|
if ! qt ip link ls dev $device; then
|
||||||
|
error_message "WARNING: Device $device not found -- traffic-shaping configuration skipped"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
defmark=$(get_defmark_for_dev $device)
|
defmark=$(get_defmark_for_dev $device)
|
||||||
|
|
||||||
run_tc qdisc add dev $device root handle $devnum: htb default 1$defmark
|
run_tc qdisc add dev $device root handle $devnum: htb default 1$defmark
|
||||||
|
|
||||||
if [ $COMMAND = compile ]; then
|
case $COMMAND in
|
||||||
save_command "${dev}_mtu=\$(get_device_mtu $device)"
|
compile|check)
|
||||||
run_tc "class add dev $device parent $devnum: classid $devnum:1 htb rate $outband mtu \$${dev}_mtu"
|
save_command "${dev}_mtu=\$(get_device_mtu $device)"
|
||||||
else
|
run_tc "class add dev $device parent $devnum: classid $devnum:1 htb rate $outband mtu \$${dev}_mtu"
|
||||||
run_tc class add dev $device parent $devnum: classid $devnum:1 htb rate $outband mtu $(get_device_mtu $device)
|
;;
|
||||||
fi
|
*)
|
||||||
|
run_tc class add dev $device parent $devnum: classid $devnum:1 htb rate $outband mtu $(get_device_mtu $device)
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
run_tc qdisc add dev $device handle ffff: ingress
|
run_tc qdisc add dev $device handle ffff: ingress
|
||||||
run_tc filter add dev $device parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${inband} burst 10k drop flowid :1
|
run_tc filter add dev $device parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate ${inband} burst 10k drop flowid :1
|
||||||
eval ${dev}_devnum=$devnum
|
eval ${dev}_devnum=$devnum
|
||||||
devnum=$(($devnum + 1))
|
devnum=$(($devnum + 1))
|
||||||
|
|
||||||
if [ $COMMAND = compile ]; then
|
case $COMMAND in
|
||||||
save_progress_message_short " TC Device $tcdev defined."
|
compile|check)
|
||||||
INDENT="$indent"
|
save_progress_message_short " TC Device $tcdev defined."
|
||||||
save_command else
|
INDENT="$indent"
|
||||||
INDENT="$INDENT "
|
save_command else
|
||||||
save_command error_message "\"WARNING: Device $device not found -- traffic-shaping configuration skipped\""
|
INDENT="$INDENT "
|
||||||
save_command "${dev}_exists="
|
save_command error_message "\"WARNING: Device $device not found -- traffic-shaping configuration skipped\""
|
||||||
INDENT="$indent"
|
save_command "${dev}_exists="
|
||||||
save_command "fi"
|
INDENT="$indent"
|
||||||
save_command
|
save_command "fi"
|
||||||
fi
|
save_command
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
@ -1775,13 +1785,16 @@ setup_traffic_shaping()
|
|||||||
|
|
||||||
dev=$(chain_base $device)
|
dev=$(chain_base $device)
|
||||||
|
|
||||||
if [ $COMMAND = compile ]; then
|
case $COMMAND in
|
||||||
save_command "if [ -n \"\$${dev}_exists\" ] ; then"
|
compile|check)
|
||||||
indent="$INDENT"
|
save_command "if [ -n \"\$${dev}_exists\" ] ; then"
|
||||||
INDENT="$INDENT "
|
indent="$INDENT"
|
||||||
else
|
INDENT="$INDENT "
|
||||||
qt ip link ls dev $device || return 1
|
;;
|
||||||
fi
|
*)
|
||||||
|
qt ip link ls dev $device || return 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
full=$(get_outband_for_dev $device)
|
full=$(get_outband_for_dev $device)
|
||||||
full=$(rate_to_kbit $full)
|
full=$(rate_to_kbit $full)
|
||||||
@ -1816,14 +1829,17 @@ setup_traffic_shaping()
|
|||||||
|
|
||||||
quantum=$(calculate_quantum $rate)
|
quantum=$(calculate_quantum $rate)
|
||||||
|
|
||||||
if [ $COMMAND = compile ]; then
|
case $COMMAND in
|
||||||
save_command "[ \$${dev}_mtu -gt $quantum ] && quantum=\$${dev}_mtu || quantum=$quantum"
|
compile|check)
|
||||||
run_tc "class add dev $device parent $devnum:1 classid $classid htb rate $rate ceil $ceil prio $prio mtu \$${dev}_mtu quantum \$quantum"
|
save_command "[ \$${dev}_mtu -gt $quantum ] && quantum=\$${dev}_mtu || quantum=$quantum"
|
||||||
else
|
run_tc "class add dev $device parent $devnum:1 classid $classid htb rate $rate ceil $ceil prio $prio mtu \$${dev}_mtu quantum \$quantum"
|
||||||
[ "$last_device" = $device ] || mtu=$(get_device_mtu $device)
|
;;
|
||||||
[ $mtu -gt $quantum ] && quantum=$mtu
|
*)
|
||||||
run_tc class add dev $device parent $devnum:1 classid $classid htb rate $rate ceil $ceil prio $prio mtu $mtu quantum $quantum
|
[ "$last_device" = $device ] || mtu=$(get_device_mtu $device)
|
||||||
fi
|
[ $mtu -gt $quantum ] && quantum=$mtu
|
||||||
|
run_tc class add dev $device parent $devnum:1 classid $classid htb rate $rate ceil $ceil prio $prio mtu $mtu quantum $quantum
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
run_tc qdisc add dev $device parent $classid handle 1$mark: sfq perturb 10
|
run_tc qdisc add dev $device parent $classid handle 1$mark: sfq perturb 10
|
||||||
# add filters
|
# add filters
|
||||||
@ -1852,12 +1868,14 @@ setup_traffic_shaping()
|
|||||||
run_tc filter add dev $device parent $devnum:0 protocol ip prio 10 u32 match ip tos ${tospair%%/*} $tosmask flowid $classid
|
run_tc filter add dev $device parent $devnum:0 protocol ip prio 10 u32 match ip tos ${tospair%%/*} $tosmask flowid $classid
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ $COMMAND = compile ]; then
|
case $COMMAND in
|
||||||
save_progress_message_short " TC Class $tcdev defined."
|
compile|check)
|
||||||
INDENT="$indent"
|
save_progress_message_short " TC Class $tcdev defined."
|
||||||
save_command fi
|
INDENT="$indent"
|
||||||
save_command
|
save_command fi
|
||||||
fi
|
save_command
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
@ -61,8 +61,7 @@
|
|||||||
# shorewall show classifiers Display classifiers
|
# shorewall show classifiers Display classifiers
|
||||||
# shorewall show capabilities Display iptables/kernel capabilities
|
# shorewall show capabilities Display iptables/kernel capabilities
|
||||||
# shorewall version Display the installed version id
|
# shorewall version Display the installed version id
|
||||||
# shorewall check Verify the more heavily-used
|
# shorewall check [ -e ] [ <directory> ] Dry-run compilation.
|
||||||
# configuration files.
|
|
||||||
# shorewall try <directory> [ <timeout> ] Try a new configuration and if
|
# shorewall try <directory> [ <timeout> ] Try a new configuration and if
|
||||||
# it doesn't work, revert to the
|
# it doesn't work, revert to the
|
||||||
# standard one. If a timeout is supplied
|
# standard one. If a timeout is supplied
|
||||||
|
Loading…
Reference in New Issue
Block a user