forked from extern/shorewall_code
Add tcfilters to manpage index
This commit is contained in:
Tom Eastep
parent
6040f02bb0
commit
625f254d02
@ -443,7 +443,7 @@ sub process_flow($) {
|
||||
}
|
||||
|
||||
sub process_simple_device() {
|
||||
my ( $device , $type , $bandwidth ) = split_line 1, 3, 'tcinterfaces';
|
||||
my ( $device , $type , $in_bandwidth , $out_part ) = split_line 1, 4, 'tcinterfaces';
|
||||
|
||||
fatal_error "Duplicate INTERFACE ($device)" if $tcdevices{$device};
|
||||
fatal_error "Invalid INTERFACE name ($device)" if $device =~ /[:+]/;
|
||||
@ -463,7 +463,7 @@ sub process_simple_device() {
|
||||
}
|
||||
}
|
||||
|
||||
$bandwidth = rate_to_kbit( $bandwidth );
|
||||
$in_bandwidth = rate_to_kbit( $in_bandwidth );
|
||||
|
||||
emit "if interface_is_up $physical; then";
|
||||
|
||||
@ -475,10 +475,49 @@ sub process_simple_device() {
|
||||
);
|
||||
|
||||
emit ( "run_tc qdisc add dev $physical handle ffff: ingress",
|
||||
"run_tc filter add dev $physical parent ffff: protocol all prio 10 u32 match ip src 0.0.0.0/0 police rate ${bandwidth}kbit burst 10k drop flowid :1\n"
|
||||
) if $bandwidth;
|
||||
"run_tc filter add dev $physical parent ffff: protocol all prio 10 u32 match ip src 0.0.0.0/0 police rate ${in_bandwidth}kbit burst 10k drop flowid :1\n"
|
||||
) if $in_bandwidth;
|
||||
|
||||
emit "run_tc qdisc add dev $physical root handle $number: prio bands 3 priomap $config{TC_PRIOMAP}";
|
||||
if ( $out_part ne '-' ) {
|
||||
my ( $out_bandwidth, $burst, $latency, $peak, $minburst ) = split ':', $out_part;
|
||||
|
||||
fatal_error "Invalid OUT-BANDWIDTH ($out_part)" if ( defined $minburst && $minburst =~ /:/ ) || $out_bandwidth eq '';
|
||||
|
||||
$out_bandwidth = rate_to_kbit( $out_bandwidth );
|
||||
|
||||
my $command = "run_tc qdisc add dev $physical root handle $number: tbf rate $out_bandwidth";
|
||||
|
||||
if ( defined $burst && $burst ne '' ) {
|
||||
fatal_error "Invalid burst ($burst)" unless $burst =~ /^\d+(k|kb|m|mb|mbit|kbit|b)?$/;
|
||||
$command .= " burst $burst";
|
||||
} else {
|
||||
fatal_error "Missing OUT-BANDWIDTH Burst ($out_part)";
|
||||
|
||||
if ( defined $latency && $latency ne '' ) {
|
||||
fatal_error "Invalid latency ($latency)" unless $latency =~ /\d+(s|sec|secs|ms|msec|msecs|us|usec|usecs)$?/
|
||||
$command .= " latency $latency"
|
||||
} else {
|
||||
fatal_error "Missing OUT-BANDWIDTH Latency ($out_part)";
|
||||
}
|
||||
|
||||
if ( defined $peak && $peak ne '' ) {
|
||||
$peak = rate_to_kbit( $peak );
|
||||
$command .= " peakrate $peak";
|
||||
}
|
||||
|
||||
if ( defined $minburst && $minburst ne '' ) {
|
||||
fatal_error "Invalid minburst ($minburst)" unless $minburst =~ /^\d+(k|kb|m|mb|mbit|kbit|b)?$/;
|
||||
$command .= " minburst $minburst";
|
||||
}
|
||||
|
||||
emit $command;
|
||||
|
||||
my $id = $number; $number = in_hexp( $devnum |= 0x100 );
|
||||
|
||||
emit "run_tc qdisc add dev $physical parent $id: handle $number: prio bands 3 priomap $config{TC_PRIOMAP}";
|
||||
} else {
|
||||
emit "run_tc qdisc add dev $physical root handle $number: prio bands 3 priomap $config{TC_PRIOMAP}";
|
||||
}
|
||||
|
||||
for ( my $i = 1; $i <= 3; $i++ ) {
|
||||
emit "run_tc qdisc add dev $physical parent $number:$i handle ${number}${i}: sfq quantum 1875 limit 127 perturb 10";
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Changes in Shorewall 4.4.11
|
||||
|
||||
1) Retain UPnP and dynamic blacklist over 'restart'.
|
||||
1) Allow rate limiting with Simple Traffic Shaping.
|
||||
|
||||
Changes in Shorewall 4.4.10
|
||||
|
||||
|
||||
@ -230,8 +230,19 @@ None.
|
||||
V. N E W F E A T U R E S I N T H I S R E L E A S E
|
||||
----------------------------------------------------------------------------
|
||||
|
||||
1) Beginning with this release, UPnP state and the dynamic blacklist
|
||||
are preserved across 'restart'.
|
||||
1) Beginning with this release, Simple Traffic Shaping allows rate
|
||||
limiting of outbound traffic using a Token Bucket Filter (man
|
||||
tc-tbf).
|
||||
|
||||
The /etc/shorewall/tcinterfaces file has an additional column
|
||||
(OUT-BANDWIDTH).
|
||||
|
||||
The format of this column is:
|
||||
|
||||
<rate>:<burst>:<latency>[:<peakrate>[:<minburst>]]
|
||||
|
||||
See the tc and tc-tbf manpages for information about these
|
||||
parameters.
|
||||
|
||||
----------------------------------------------------------------------------
|
||||
V I. P R O B L E M S C O R R E C T E D A N D N E W F E A T U R E S
|
||||
|
||||
@ -137,6 +137,11 @@
|
||||
url="manpages/shorewall-tcdevices.html">tcdevices</ulink> - Specify
|
||||
speed of devices for traffic shaping.</member>
|
||||
|
||||
<member><ulink
|
||||
url="manpages/shorewall-tcfilters.html">tcfilters</ulink> - Classify
|
||||
traffic for shaping; often used with an IFB to shape ingress
|
||||
traffic.</member>
|
||||
|
||||
<member><ulink
|
||||
url="manpages/shorewall-tcinterfaces.html">tcinterfaces</ulink> -
|
||||
Specify devices for simplified traffic shaping.</member>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user