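#!/bin/sh
#
# Quality-of-Service shaping with HTB.
#
# Outgoing traffic on EXTIF is split into four HTB classes (ACKs, VPN/SSH,
# normal, bulk). Packets are assigned to a class through firewall marks set
# in the mangle table and matched by tc "fw" filters. The shaping for INTIF
# is kept at the bottom but is commented out.
#
# Changing qdiscs and netfilter rules needs the matching privileges; the
# script does not check for them.
#
# Re-running is supported: the root qdisc is dropped before it is rebuilt and
# each marking rule replaces an identical one left by an earlier run. Without
# that, a second run failed on every "tc ... add" and stacked duplicate
# mangle rules.

EXTIF=ppp0
INTIF=eth0   # only referenced by the commented-out "Incoming" section

# Every tc call goes through one absolute path instead of mixing /sbin/tc
# with a PATH lookup.
# NOTE(review): iptables is still resolved through PATH, as before; pin it
# too if this script can be started with a PATH that is not under the
# administrator's control.
TC=/sbin/tc

# Append a marking rule to mangle/POSTROUTING.
# Arguments: the rule specification (match options and target).
# An identical rule from an earlier run is deleted first; the failure of
# that delete on a first run is expected and therefore silenced.
mark_rule() {
  iptables -t mangle -D POSTROUTING "$@" 2>/dev/null
  iptables -t mangle -A POSTROUTING "$@"
}

############
# Outgoing
############

# Remove a root qdisc (and with it all classes and filters) left by an
# earlier run. On an interface without one this fails, which is expected.
"$TC" qdisc del dev "$EXTIF" root 2>/dev/null

## Root; traffic without a matching filter goes to class 1:12
"$TC" qdisc add dev "$EXTIF" root handle 1:0 htb default 12

## Main class
"$TC" class add dev "$EXTIF" parent 1:0 classid 1:1 htb rate 125kbit ceil 125kbit

## Class for ACKs
"$TC" class add dev "$EXTIF" parent 1:1 classid 1:10 htb rate 10kbit ceil 125kbit prio 0
## Class for VPN/SSH
"$TC" class add dev "$EXTIF" parent 1:1 classid 1:11 htb rate 30kbit ceil 125kbit prio 1
## Class for normal traffic
"$TC" class add dev "$EXTIF" parent 1:1 classid 1:12 htb rate 75kbit ceil 125kbit prio 2
## Class for bulk
"$TC" class add dev "$EXTIF" parent 1:1 classid 1:13 htb rate 10kbit ceil 100kbit prio 3

# MARK does not end rule traversal, so a packet that matches several of the
# rules below keeps the mark of the LAST one. A short TCP packet to port 25
# or 4662 therefore ends up with mark 13 (bulk), not mark 10.
# NOTE(review): confirm that this is the intended precedence.

# ACKs: recognised here only as short TCP packets (length up to 64)
mark_rule -o "$EXTIF" -p tcp -m length --length :64 -j MARK --set-mark 10

# VPN/IPsec (IP protocol 50, ESP)
mark_rule -o "$EXTIF" -p 50 -j MARK --set-mark 11

# SSH
mark_rule -o "$EXTIF" -p tcp --dport 22 -j MARK --set-mark 11
# local SSH server on port 4444
# iptables -A OUTPUT -t mangle -o $EXTIF -p tcp --sport 4444 -j MARK --set-mark 11

# SMTP
mark_rule -o "$EXTIF" -p tcp --dport 25 -j MARK --set-mark 13

# eDonkey
mark_rule -o "$EXTIF" -p tcp --dport 4662 -j MARK --set-mark 13
mark_rule -o "$EXTIF" -p tcp --sport 4662 -j MARK --set-mark 13

# Map each firewall mark to its class.
"$TC" filter add dev "$EXTIF" parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
"$TC" filter add dev "$EXTIF" parent 1:0 prio 0 protocol ip handle 11 fw flowid 1:11
# default: 1:12
"$TC" filter add dev "$EXTIF" parent 1:0 prio 0 protocol ip handle 13 fw flowid 1:13

###########
# Incoming
###########

#/sbin/tc qdisc add dev $INTIF root handle 2:0 htb default 20
#/sbin/tc class add dev $INTIF parent 2:0 classid 2:2 htb rate 750kbit ceil 750kbit
#/sbin/tc class add dev $INTIF parent 2:2 classid 2:20 htb rate 500kbit ceil 700kbit prio 1
#/sbin/tc class add dev $INTIF parent 2:2 classid 2:21 htb rate 150kbit ceil 750kbit prio 0
#/sbin/tc class add dev $INTIF parent 2:2 classid 2:22 htb rate 100kbit ceil 500kbit prio 3

# ACKs
#iptables -A POSTROUTING -t mangle -o $INTIF -m length --length :200 -j MARK --set-mark 21
# SSH
#iptables -A POSTROUTING -t mangle -o $INTIF -p tcp --sport 22 -j MARK --set-mark 21
# eDonkey
#iptables -A POSTROUTING -t mangle -o $INTIF -p tcp --dport 4662 -j MARK --set-mark 22
#iptables -A POSTROUTING -t mangle -o $INTIF -p tcp --sport 4662 -j MARK --set-mark 22
# host to be throttled
#iptables -A POSTROUTING -t mangle -o $INTIF -d 192.168.111.1 -j MARK --set-mark 22

#tc filter add dev $INTIF parent 2:0 prio 0 protocol ip handle 21 fw flowid 2:21
#tc filter add dev $INTIF parent 2:0 prio 0 protocol ip handle 22 fw flowid 2:22

#########
# SFQ
#########

# One SFQ qdisc below every leaf class.
"$TC" qdisc add dev "$EXTIF" parent 1:10 handle 10: sfq perturb 10
"$TC" qdisc add dev "$EXTIF" parent 1:11 handle 11: sfq perturb 10
"$TC" qdisc add dev "$EXTIF" parent 1:12 handle 12: sfq perturb 10
"$TC" qdisc add dev "$EXTIF" parent 1:13 handle 13: sfq perturb 10

#tc qdisc add dev $INTIF parent 2:20 handle 20: sfq perturb 10
#tc qdisc add dev $INTIF parent 2:21 handle 21: sfq perturb 10
#tc qdisc add dev $INTIF parent 2:22 handle 22: sfq perturb 10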