[svn/Prometheus-QoS/.git] / prometheus.c

  /* - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  */\r
 /*     Prometheus QoS - you can "steal fire" from your ISP     */\r
/*      "fair-per-IP" quality of service (QoS) utility          */\r
/*      requires Linux 2.4.x or 2.6.x with HTB support          */\r
/*      Copyright(C) 2005-2012 Michael Polak, Arachne Labs      */\r
/*    iptables-restore support Copyright(C) 2007-2008 ludva     */\r
/*  Credit: CZFree.Net,Martin Devera,Netdave,Aquarius,Gandalf  */\r
/* - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  */\r
\r
/* Modified by: xChaos, 20120612\r
                 ludva, 20080415\r
 \r
   Prometheus QoS is free software; you can redistribute it and/or\r
   modify it under the terms of the GNU General Public License as \r
   published by the Free Software Foundation; either version 2.1 of \r
   the License, or (at your option) any later version.\r
\r
   Prometheus QoS is distributed in the hope that it will be useful,\r
   but WITHOUT ANY WARRANTY; without even the implied warranty of\r
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU\r
   General Public License for more details.\r
\r
   You should have received a copy of the GNU General Public License\r
   along with Prometheus Qos; if not, write to the Free Software\r
   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA \r
   \r
   GNU General Public License is located in file COPYING */\r
\r
#define STRLEN 512\r
#define FIRSTGROUPID 1024\r
#define FIRSTIPCLASS 2048\r
#undef DEBUG\r
\r
#include "cll1-0.6.2.h"\r
\r
const char *version = "0.8.3-f";\r
\r
/* Version numbers: 0.8.3 is development releases ("beta"), 0.8.4 will be "stable" */\r
/* Debian(RPM) package versions/patchlevels: 0.7.9-2, 0.8.0-1, 0.8.0-2, etc. */\r
/* C source code development versions ("beta"): 0.7.9-a, 0.8.1-b, etc. */\r
/* C source code release versions: 0.8.0, 0.8.2, 0.8.4, etc. */\r
\r
const char *stats_html_signature = "<span class=\"small\">Statistics generated by Prometheus QoS version %s<br />GPL+Copyright(C)2005-2012 Michael Polak, <a target=\"_blank\" href=\"http://www.arachne.cz/\">Arachne Labs</a></span>\n";\r
\r
/* ======= All path names are defined here (for RPM patch) =======  */\r
\r
const char        *tc = "/sbin/tc"; /* requires tc with HTB support */\r
const char  *iptables = "/sbin/iptables"; /* requires iptables utility */\r
const char *iptablessave = "/sbin/iptables-save"; /* not yet required */\r
const char *iptablesrestore = "/sbin/iptables-restore";  /* requires iptables-restore */\r
const char        *ls = "/bin/ls"; /* this is not user configurable :-) */\r
\r
char          *config = "/etc/prometheus/prometheus.conf"; /* main configuration file */\r
char           *hosts = "/etc/prometheus/hosts"; /* per-IP bandwidth definition file */\r
\r
char    *iptablesfile = "/var/spool/prometheus.iptables"; /* temporary file for iptables-restore*/\r
char          *credit = "/var/lib/misc/prometheus.credit"; /* credit log file */\r
char        *classmap = "/var/lib/misc/prometheus.classes"; /* credit log file */\r
char            *html = "/var/www/traffic.html"; /* hall of fame - html version */\r
char         *preview = "/var/www/preview.html"; /* hall of fame preview - html version */\r
char            *json = "/var/www/logs/traffic.json"; /* hall of fame - json version */\r
char    *json_preview = "/var/www/logs/preview.json"; /* hall of fame preview - json version */\r
char          *cmdlog = "/var/log/prometheuslog"; /* command log filename */\r
char         *log_dir = "/var/www/logs/"; /* log directory pathname, ended with slash */\r
char         *log_url = "/logs/"; /* log directory relative URI prefix (partial URL) */\r
char    *html_log_dir = "/var/www/logs/html/";\r
\r
char      *jquery_url = "http://code.jquery.com/jquery-latest.js";\r
char         *lms_url = "/lms/?m=customerinfo&amp;id=";\r
int use_jquery_popups = 1;\r
int      row_odd_even = 0; /*<tr class="odd/even"> */\r
\r
\r
void parse_ip_log(int argc, char **argv);\r
/* implementid in parselog.c */\r
\r
const char *tr_odd_even(void)\r
{\r
 row_odd_even = 1 - row_odd_even;\r
 if(row_odd_even)\r
 {\r
  return "<tr class=\"even\">\n";\r
 }\r
 else\r
 {\r
  return "<tr class=\"odd\">\n";\r
 }\r
}\r
\r
/* ======= Help screen is hopefuly self-documenting part of code :-) ======= */\r
\r
void help(void)\r
{\r
 puts("Command line switches:\n\\r
\n\\r
-d   Dry run (preview tc and iptables commands on stdout)\n\\r
-r   Run (reset all statistics and start shaping - daily usage)\n\\r
-p   just generate Preview of data transfer statistics and exit (after -r)\n\\r
-s   start Shaping FUP limits (keeps data transfer stat like -p) (after -r)\n\\r
-n   run Now (like -r delay - overrides qos-free-delay keyword, after boot)\n\\r
-f   just Flush iptables and tc classes and exit (stop shaping, no QiS)\n\\r
-9   emergency iptables flush (like -f, but dumps data transfer statistics)\n\\r
\n\\r
-c filename  force alternative /etc/prometheus/prometheus.conf filename\n\\r
-h filename  force alternative /etc/hosts filename (overrides hosts keyword)\n\\r
-l Mmm YYYY  generate HTML summary of Logged traffic (Mmm=Jan-Dec) (and exit)\n\\r
-m           generate HTML summary of traffic for yesterday's Month (and exit)\n\\r
-y           generate HTML summary of traffic for yesterday's Year (and exit)\n\\r
-? --help    show this help scree (and exit)\n\\r
-v --version show Version number of this utility (and exit)\n");\r
}\r
\r
/* === Configuraration file values defaults - stored in global variables ==== */\r
\r
int        filter_type = 1; /*1 mark, 2 classify*/\r
char             *mark = "MARK";\r
char    *mark_iptables = "MARK --set-mark ";\r
int            dry_run = 0; /* preview - use puts() instead of system() */\r
char *iptablespreamble = "*mangle\n:PREROUTING ACCEPT [0:0]\n:POSTROUTING ACCEPT [0:0]\n:INPUT ACCEPT [0:0]\n:OUTPUT ACCEPT [0:0]\n:FORWARD ACCEPT [0:0]";\r
FILE    *iptables_file = NULL;\r
int      enable_credit = 1; /* enable credit file */\r
int         use_credit = 0; /* use credit file (if enabled)*/\r
char            *title = "Hall of Fame - Greatest Suckers"; /* hall of fame title */\r
int       hall_of_fame = 1; /* enable hall of fame */\r
char              *lan = "eth0"; /* LAN interface */\r
char       *lan_medium = "100Mbit"; /* 10Mbit/100Mbit ethernet */\r
char              *wan = "eth1"; /* WAN/ISP interface */\r
char       *wan_medium = "100Mbit"; /* 10Mbit/100Mbit ethernet */\r
char         *qos_leaf = "sfq perturb 5"; /* leaf discipline */\r
char    *qos_free_zone = NULL; /* QoS free zone */\r
int          qos_proxy = 1; /* include proxy port to QoS */\r
int        found_lmsid = 0; /* show links to users in LMS information system */\r
int     include_upload = 1; /* upload+download=total traffic */\r
char         *proxy_ip = "192.168.1.1/32"; /* our IP with proxy port */\r
int         proxy_port = 3128; /* proxy port number */\r
long long int     line = 1024; /* WAN/ISP download in kbps */\r
long long int       up = 1024; /* WAN/ISP upload in kbps */\r
int           free_min = 32; /* minimum guaranted bandwidth for all undefined hosts */\r
int           free_max = 64; /* maximum allowed bandwidth for all undefined hosts */\r
int     qos_free_delay = 0; /* seconds to sleep before applying new QoS rules */\r
int     digital_divide = 2; /* controls digital divide weirdness ratio, 1...3 */ \r
int        max_nesting = 3; /* maximum nesting of HTB clases, built-in maximum seems to be 4 */\r
int            htb_r2q = 256; /* should work for leaf values 512 kbps to 8 Mbps */\r
int              burst = 8; /* HTB burst (in kbits) */\r
int         burst_main = 64;\r
int        burst_group = 32;\r
int     magic_treshold = 8; /* reduce ceil by X*magic_treshhold kbps (hard shaping) */\r
int       keywordcount = 0;\r
/* not yet implemented:\r
int      fixed_packets = 0; maximum number of pps per IP address (not class!) \r
int       packet_limit = 5; maximum number of pps to htn CEIL, not rate !!! \r
*/\r
FILE         *log_file = NULL;\r
char              *kwd = "via-prometheus"; /* /etc/hosts comment, eg. #qos-64-128 */\r
\r
const int highest_priority   = 0; /* highest HTB priority (HTB built-in value is 0) */\r
const int lowest_priority    = 7; /* lowest HTB priority (HTB built-in value is 7) */\r
const int idxtable_treshold1 = 24;      /* this is no longer configurable */\r
const int idxtable_treshold2 = 12;      /* this is no longer configurable */\r
const int idxtable_bitmask1  = 3;        /* this is no longer configurable */\r
const int idxtable_bitmask2  = 3;        /* this is no longer configurable */\r
\r
/* ==== This is C<<1 stuff - learn C<<1 first! https://dev.arachne.cz/svn/cll1h ==== */\r
\r
struct IP\r
{\r
 char *addr;\r
 char *name;\r
 char *sharing;\r
 int min;\r
 int desired;\r
 int max;\r
 int mark;\r
 int prio;\r
 int fixedprio;\r
 int group;\r
 int lmsid;\r
 unsigned long long direct;\r
 unsigned long long proxy;\r
 unsigned long long upload;\r
 unsigned long long traffic;\r
 unsigned long long credit;\r
 unsigned long pktsup;\r
 unsigned long pktsdown;\r
 struct Keyword *keyword;\r
 list(IP);\r
} *ips=NULL, *ip, *sharedip;\r
\r
struct Group\r
{\r
 int min;\r
 int count;\r
 int desired;\r
 int id;\r
 list(Group);\r
} *groups=NULL, *group;\r
\r
struct Index\r
{\r
 char *addr;\r
 char *id;\r
 struct Index *parent;\r
 int bitmask;\r
 int children;\r
 list(Index);\r
} *idxs=NULL, *idx, *metaindex;\r
\r
struct Keyword\r
{\r
 char *key;\r
 \r
 int asymetry_ratio;        /* ratio for ADSL-like upload */\r
 int asymetry_fixed;        /* fixed treshold for ADSL-like upload */\r
 int data_limit;            /* hard shaping: apply magic_treshold if max*data_limit MB exceeded */\r
 int data_prio;             /* soft shaping (qos): reduce HTB prio if max*data_prio MB exceeded */\r
 long fixed_limit;          /* fixed data limit for setting lower HTB ceil */\r
 long fixed_prio;           /* fixed data lmit for setting lower HTB prio */\r
 int reserve_min;	    /* bonus for nominal HTB rate bandwidth (in kbps) */\r
 int reserve_max;	    /* malus for nominal HTB ceil (in kbps) */\r
// int divide_max;	    /* relative malus: new_ceil=rate+(old_ceil-rate)/divide_max */\r
// int htb_ceil_bonus_divide; /* relative bonus: new_ceil=old_ceil+old_ceil/htb_ceil_bonus_divide */\r
 int default_prio;	    /* default HTB priority for this keyword */\r
 char *html_color;\r
 int ip_count;\r
 char *leaf_discipline;\r
 \r
 list(Keyword);\r
} *keyword,*defaultkeyword=NULL,*keywords=NULL;\r
\r
/* Damned, this must be object oriented! This looks almost like constructor ;-) */\r
\r
void TheIP(void)\r
{\r
 create(ip,IP);\r
 ip->name        = "";\r
 ip->addr        = "";\r
 ip->sharing     = NULL;\r
 ip->prio        = highest_priority+1;\r
 ip->lmsid       = -1;\r
 ip->fixedprio   = \\r
 ip->mark        = \\r
 ip->min         = \\r
 ip->max         = \\r
 ip->desired     = \\r
 ip->credit      = \\r
 ip->upload      = \\r
 ip->proxy       = \\r
 ip->direct      = \\r
 ip->traffic     = \\r
 ip->pktsup      = \\r
 ip->pktsdown    = 0;\r
 ip->keyword     = keywords;\r
 push(ip,ips);\r
}\r
\r
/* ====== iptables indexes are used to reduce complexity to log8(N) ===== */\r
\r
char *very_ugly_ipv4_code(char *inip,int bitmask,int format_as_chainname)\r
{\r
 /* warning: this function was debugged only for bitmask values 20,24,28 !!!*/\r
 int dot=0, n;\r
 char *ip,*outip,*outptr,*fmt;\r
\r
 duplicate(inip,ip);\r
 /* debug printf("(%s,%d) -> ",ip,bitmask); */\r
\r
 if(ip && *ip && bitmask>=0 && bitmask<=32)\r
 {\r
  string(outip,strlen(ip)+10); /*fuck unicode? assertion: 10>strlen("_%d_%d") */\r
 }\r
 else \r
 {\r
  /* should never exit here */\r
  return "undefined";\r
 }\r
 outptr=outip;\r
 while(ip && *ip)\r
 {\r
  if(*ip=='.')\r
  {\r
   if(dot<(bitmask/8-1)) \r
   {\r
    if(format_as_chainname)\r
    {\r
     *outptr='_';\r
    }\r
    else\r
    {\r
     *outptr='.';\r
    }\r
    outptr++;\r
    dot++;\r
   }\r
   else\r
   {\r
    char *cutdot=strchr(ip+1,'.'); /*for bitmask<24*/    \r
    if(cutdot)\r
    {\r
     *cutdot = '\0';\r
    }\r
    \r
    if(format_as_chainname)\r
    {\r
     fmt = "_%d_%d";\r
    }\r
    else\r
    {\r
     fmt = ".%d";\r
    }\r
    \r
    if(bitmask%8)\r
    {\r
     n = atoi(ip+1)-atoi(ip+1)%(1<<(8-bitmask%8));\r
    }\r
    else\r
    {\r
     n = 0;\r
    }\r
\r
    /*debug  printf("%d/%d => [_%d_%d]\n",atoi(ip+1),bitmask,n,bitmask); */\r
    sprintf(outptr,fmt,n,bitmask);\r
    if(!format_as_chainname)\r
    {\r
     while(bitmask<24)\r
     {\r
      strcat(outip,".0");\r
      bitmask+=8;\r
     }\r
    }\r
    /* debug printf("[%s]\n",outip); */\r
    return outip;\r
   }\r
  }\r
  else \r
  {\r
   *outptr=*ip;\r
   outptr++;\r
  }\r
  ip++;\r
 }\r
 /*should never exit here*/\r
 *outptr='\0';\r
 return outip;\r
}\r
\r
char *hash_id(char *ip,int bitmask)\r
{ \r
 return very_ugly_ipv4_code(ip,bitmask,1);\r
}\r
\r
char *subnet_id(char *ip,int bitmask)\r
{\r
 return very_ugly_ipv4_code(ip,bitmask,0);\r
}\r
\r
/* ================= Let's parse configuration file here =================== */\r
\r
void reject_config_and_exit(char *filename)\r
{\r
 printf("Configuration file %s rejected - abnormal exit.",filename);\r
 exit(-1);\r
}\r
\r
void get_config(char *config_filename)\r
{\r
 char *cnf="mark";\r
 \r
 printf("Configured keywords: ");\r
 parse(config_filename)\r
 {\r
  option("keyword",kwd);\r
  if(kwd)\r
  {\r
   printf("%s ",kwd);\r
\r
   create(keyword,Keyword);\r
   keyword->key=kwd;\r
   keyword->asymetry_ratio=1;          /* ratio for ADSL-like upload */\r
   keyword->asymetry_fixed=0;          /* fixed treshold for ADSL-like upload */\r
   keyword->data_limit=8;              /* hard shaping: apply magic_treshold if max*data_limit MB exceeded */\r
   keyword->data_prio=4;               /* soft shaping (qos): reduce HTB prio if max*data_prio MB exceeded */\r
   keyword->fixed_limit=0;             /* fixed data limit for setting lower HTB ceil */\r
   keyword->fixed_prio=0;              /* fixed data limit for setting lower HTB prio */\r
   keyword->reserve_min=8;	       /* bonus for nominal HTB rate bandwidth (in kbps) */\r
   keyword->reserve_max=0;	       /* malus for nominal HTB ceil (in kbps) */\r
   keyword->default_prio=highest_priority+1;\r
   keyword->html_color="000000";\r
   keyword->ip_count=0;\r
   keyword->leaf_discipline="";\r
\r
   push(keyword,keywords);\r
   if(!defaultkeyword) defaultkeyword=keyword;\r
   keywordcount++;\r
   \r
   kwd=NULL;\r
  }\r
  else\r
  {\r
    for_each(keyword,keywords)\r
    {\r
     int l=strlen(keyword->key);\r
\r
     if(!strncmp(keyword->key,_,l) && strlen(_)>l+2)\r
     {\r
      char *tmptr=_; /*  <---- l+1 ----> */\r
      _+=l+1;        /*  via-prometheus-asymetry-ratio, etc. */\r
      ioption("asymetry-ratio",keyword->asymetry_ratio);\r
      ioption("asymetry-treshold",keyword->asymetry_fixed);\r
      ioption("magic-relative-limit",keyword->data_limit);\r
      ioption("magic-relative-prio",keyword->data_prio);\r
      loption("magic-fixed-limit",keyword->fixed_limit);\r
      loption("magic-fixed-prio",keyword->fixed_prio);\r
      ioption("htb-default-prio",keyword->default_prio);\r
      ioption("htb-rate-bonus",keyword->reserve_min);\r
      ioption("htb-ceil-malus",keyword->reserve_max);\r
      option("leaf-discipline",keyword->leaf_discipline);\r
      option("html-color",keyword->html_color);\r
      _=tmptr;\r
      \r
      if(keyword->data_limit || keyword->fixed_limit || \r
         keyword->data_prio || keyword->fixed_prio)\r
      {\r
       use_credit=1;        \r
      }\r
     }\r
    }\r
  }\r
\r
  option("tc",tc);\r
  option("iptables",iptables);\r
  option("iptables-save",iptablessave); /* new */\r
  option("iptables-restore",iptablesrestore); /* new */\r
  option("iptables-in-filename",iptablesfile); /* new */\r
  option("hosts",hosts);\r
  option("lan-interface",lan);\r
  option("wan-interface",wan);\r
  option("lan-medium",lan_medium);\r
  option("wan-medium",wan_medium);\r
  lloption("wan-download",line);\r
  lloption("wan-upload",up);\r
  ioption("hall-of-fame-enable",hall_of_fame);\r
  option("hall-of-fame-title",title);\r
  option("hall-of-fame-filename",html);\r
  option("json-filename",json);\r
  option("hall-of-fame-preview",preview);\r
  option("json-preview",json_preview);\r
  option("log-filename",cmdlog);\r
  option("credit-filename",credit);\r
  option("classmap-filename",classmap);\r
  ioption("credit-enable",enable_credit);\r
  option("log-traffic-directory",log_dir);\r
  option("log-traffic-html-directory",html_log_dir);\r
  option("log-traffic-url-path",log_url);\r
  option("jquery-url",jquery_url);\r
  option("lms-url",lms_url);\r
  ioption("use-jquery-popups",use_jquery_popups);\r
  option("qos-free-zone",qos_free_zone);\r
  ioption("qos-free-delay",qos_free_delay);\r
  ioption("qos-proxy-enable",qos_proxy);\r
  option("qos-proxy-ip",proxy_ip);\r
  option("htb-leaf-discipline",qos_leaf);\r
  ioption("qos-proxy-port",proxy_port);\r
  ioption("free-rate",free_min);\r
  ioption("free-ceil",free_max);\r
  ioption("htb-burst",burst);\r
  ioption("htb-burst-main",burst_main);\r
  ioption("htb-burst-group",burst_group);\r
  ioption("htb-nesting-limit",max_nesting);\r
  ioption("htb-r2q",htb_r2q);\r
  ioption("magic-include-upload",include_upload);\r
  ioption("magic-treshold",magic_treshold);  \r
  option("filter-type", cnf);  \r
/* not yet implemented:\r
  ioption("magic-fixed-packets",fixed_packets);\r
  ioption("magic-relative-packets",packet_limit);\r
*/\r
 }\r
 fail\r
 { \r
  perror(config_filename);\r
  puts("Warning - using built-in defaults instead ...");\r
 }\r
 done; /* ugly macro end */\r
 printf("\n");\r
 \r
 /* leaf discipline for keywords */\r
 for_each(keyword,keywords)\r
 {\r
    if(!strcmpi(keyword->leaf_discipline, ""))\r
    {\r
        keyword->leaf_discipline = qos_leaf;\r
    }\r
 }\r
\r
 if(strcmpi(cnf, "mark"))\r
 {\r
  filter_type = 2;\r
  mark = "CLASSIFY";\r
  mark_iptables = "CLASSIFY --set-class 1:";\r
 }\r
 else\r
 {\r
  filter_type = 1;\r
  mark = "MARK";\r
  mark_iptables = "MARK --set-mark ";\r
 }\r
\r
 /* are supplied values meaningful ?*/\r
 if(line<=0 || up<=0)\r
 {\r
  puts("Illegal value of LAN or WAN bandwidth: 0 kbps.");\r
  reject_config_and_exit(config_filename);\r
 }\r
}\r
\r
/* ===================== traffic analyser - uses iptables  ================ */ \r
\r
void get_traffic_statistics(void)\r
{\r
 char *str,*cmd;\r
 int downloadflag=0;\r
\r
 textfile(Pipe,str) *line,*lines=NULL;\r
 string(str,STRLEN);\r
 string(cmd,STRLEN);\r
\r
 sprintf(cmd,"%s -L -v -x -n -t mangle",iptables);\r
 shell(cmd);\r
 input(str,STRLEN)\r
 {\r
  create(line,Pipe);\r
  line->str=str;\r
  string(str,STRLEN);\r
  append(line,lines);\r
 }\r
\r
 for_each(line,lines)\r
 {\r
  int col, accept=0,proxyflag=0,valid=1,setchainname=0,commonflag=0; \r
  unsigned long long traffic=0;\r
  unsigned long pkts=0;\r
  char *ipaddr=NULL,*ptr;\r
  \r
  /* debug puts(line->str); */\r
  valid_columns(ptr,line->str,' ',col) \r
  if(valid) switch(col)\r
  { \r
   case 1: if(eq(ptr,"Chain"))\r
           {\r
            setchainname=1;\r
           }\r
           else if(eq(ptr,"pkts")) \r
           {\r
            valid=0;\r
           }\r
           else\r
           {\r
            sscanf(ptr,"%lu",&pkts); \r
           }\r
           break;\r
   case 2: if(setchainname)\r
           {\r
            if(!strncmp(ptr,"post_",5) || eq(ptr,"POSTROUTING"))\r
            {\r
             downloadflag = 1;            \r
            }\r
            else \r
            {\r
             if(!strncmp(ptr,"forw_",5) || eq(ptr,"FORWARD"))\r
             {\r
              downloadflag = 0;\r
             }\r
            }            \r
            if(eq(ptr,"post_common") || eq(ptr,"forw_common"))\r
            {\r
             commonflag = 1;\r
            }\r
           }\r
           else\r
           {\r
            sscanf(ptr,"%Lu",&traffic); \r
            traffic += (1<<19);\r
            traffic >>= 20;\r
           }\r
           break;\r
   case 3: if((strncmp(ptr,"post_",5) && strncmp(ptr,"forw_",5)) || commonflag)\r
           {\r
            accept=eq(ptr,mark);\r
           }\r
            /*if(filter_type==1) accept=eq(ptr,"MARK"); else accept=eq(ptr,"CLASSIFY");*/\r
           break;\r
   case 8: if(downloadflag)\r
           { \r
            if(strstr(proxy_ip,ptr))\r
            {\r
             proxyflag=1; \r
            }\r
           }\r
           else\r
           {\r
            ipaddr=ptr; \r
           }\r
           break;\r
   case 9: if(downloadflag)ipaddr=ptr;break;\r
  }\r
  \r
    if(accept && traffic>0 && ipaddr)\r
    {\r
     if(proxyflag)\r
     {\r
      printf("(proxy) ");\r
     }\r
     else if(!downloadflag)\r
     {\r
      printf("(upload) ");\r
     }\r
     printf("IP %s: %Lu MB (%ld pkts)\n", ipaddr, traffic, pkts);\r
\r
     if_exists(ip,ips,eq(ip->addr,ipaddr)); \r
     else \r
     {\r
      TheIP();\r
      ip->addr=ipaddr;\r
      if(eq(ip->addr,"0.0.0.0/0"))\r
      {\r
       ip->name="(unregistered)";\r
       ip->min=free_min;\r
       ip->max=ip->desired=free_max;\r
      }\r
     }\r
     \r
     if(downloadflag)\r
     {\r
      if(proxyflag)\r
      {\r
       ip->proxy=traffic;\r
      }\r
      else\r
      {\r
       ip->traffic+=traffic;\r
      }\r
      ip->direct=ip->traffic-ip->upload-ip->proxy;\r
      ip->pktsdown=pkts;\r
     }\r
     else\r
     {\r
      ip->upload=traffic;\r
      ip->pktsup=pkts;\r
      if(include_upload)\r
      {\r
       ip->traffic+=traffic;\r
      }\r
      else \r
      {\r
       if(traffic>ip->traffic)\r
       {\r
        ip->traffic=traffic;     \r
       }\r
      }\r
     }\r
    }  \r
  }\r
  free(cmd);\r
}\r
 \r
/* ========== This function executes, logs OR ALSO prints command ========== */\r
\r
void safe_run(char *cmd)\r
{\r
 if(dry_run)\r
 {\r
  printf("\n=>%s\n",cmd);\r
 }\r
 else\r
 {\r
  system(cmd);\r
 }\r
 if(log_file)\r
 {\r
  fprintf(log_file,"%s\n",cmd);\r
 }\r
}\r
\r
void save_line(char *line)\r
{\r
 fprintf(iptables_file,"%s\n",line);\r
}\r
\r
void run_restore(void)\r
{\r
 char *restor;\r
 string(restor,STRLEN);\r
\r
 /*-----------------------------------------------------------------*/\r
 printf("Running %s <%s ...\n", iptablesrestore, iptablesfile);\r
 /*-----------------------------------------------------------------*/\r
 \r
 save_line("COMMIT");\r
 fclose(iptables_file);\r
 if(dry_run) \r
 {\r
  parse(iptablesfile)\r
  {\r
   printf("%s\n",_);\r
  }\r
  done; /* ugly macro end */\r
 }\r
\r
 sprintf(restor,"%s <%s",iptablesrestore, iptablesfile);\r
 safe_run(restor);\r
 \r
 free(restor);\r
}\r
\r
/* == This function strips extra characters after IP address and stores it = */\r
\r
void parse_ip(char *str)\r
{\r
 char *ptr,*ipaddr=NULL,*ipname=NULL,*lmsid=NULL;\r
\r
 ptr=strchr(str,'{');\r
 if(ptr)\r
 {\r
  lmsid=++ptr;\r
  while(*ptr && *ptr!='}')\r
  {\r
   ptr++;\r
  }\r
  *ptr=0;\r
 }\r
 \r
 ptr=str;\r
 while(*ptr && *ptr!=' ' && *ptr!=9)\r
 {\r
  ptr++;\r
 }\r
 \r
 *ptr=0;\r
 ipaddr=str;\r
 ptr++;\r
 while(*ptr && (*ptr==' ' || *ptr==9))\r
 {\r
  ptr++;\r
 }\r
 ipname=ptr; \r
 while(*ptr && *ptr!=' ' && *ptr!=9)\r
 {\r
  ptr++;\r
 }\r
 *ptr=0;\r
\r
 if_exists(ip,ips,eq(ip->addr,ipaddr));\r
 else\r
 {\r
  TheIP();\r
 }\r
 ip->addr=ipaddr;\r
 ip->name=ipname;\r
 if(lmsid)\r
 {\r
  ip->lmsid=atoi(lmsid);\r
  found_lmsid=1;\r
 }\r
}\r
\r
char *parse_datafile_line(char *str)\r
{\r
 char *ptr=strchr(str,' ');\r
\r
 if(ptr)\r
 {\r
  *ptr=0;\r
  ptr++;\r
  return ptr;\r
 } \r
 else \r
 {\r
  return NULL;\r
 }\r
}\r
\r
\r
\r
\r
void append_log(struct IP *self) /*using global variables*/\r
{\r
 char *d, *str;\r
 FILE *f; \r
\r
 date(d); /* this is typical cll1.h macro - prints current date */ \r
 string(str,STRLEN); \r
 sprintf(str,"%s/%s.log", log_dir, self->name);\r
 f=fopen(str,"a");\r
 if(f > 0)\r
 {\r
  fprintf(f,"%ld\t%s\t%Lu\t%Lu\t%Lu\t%Lu\t%d\t%d\t%d\t%d\t%s",\r
            time(NULL), self->name, self->traffic, self->direct, self->proxy,\r
            self->upload, self->min, self->max, self->desired, self->lmsid, d); /* d = date*/\r
  fclose(f);\r
 }\r
 else\r
 {\r
  perror(str);\r
 }\r
}\r
\r
\r
/*-----------------------------------------------------------------*/\r
/* Are you looking for int main(int argc, char **argv) ? :-))      */\r
/*-----------------------------------------------------------------*/\r
\r
program\r
{\r
 int i=0;                    /* just plain old Fortran style integer :-) */\r
 FILE *f=NULL;               /* everything is just stream of bytes... */\r
 char *str, *ptr, *d;        /* LET A$=B$ :-) */\r
 char *substring;\r
 int class_count=0,ip_count=0;\r
 int parent=1;\r
 int just_flush=FALSE;       /* deactivates all previous actions */\r
 int nodelay=FALSE;\r
 int just_preview=FALSE;     /* preview - generate just stats */\r
 int start_shaping=FALSE;    /* apply FUP - requires classmap file */\r
 int just_logs=FALSE;        /* just parse logs */\r
 int run=FALSE;\r
 int total=0;\r
 \r
 char *chain_forward, *chain_postrouting;\r
 char *althosts=NULL;\r
  \r
 printf("\n\\r
Prometheus QoS - \"fair-per-IP\" Quality of Service setup utility.\n\\r
Version %s - Copyright (C)2005-2012 Michael Polak, Arachne Labs\n\\r
iptables-restore & burst tunning & classify modification by Ludva\n\\r
Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version);\r
\r
 /*----- Boring... we have to check command line options first: ----*/   \r
 arguments\r
 {\r
  argument("-c") { nextargument(config); }\r
  argument("-h") { nextargument(althosts);}\r
  argument("-d") { run=TRUE; dry_run=TRUE; }\r
  argument("-f") { run=TRUE; just_flush=TRUE; }\r
  argument("-9") { run=TRUE; just_flush=9; }\r
  argument("-p") { run=TRUE; just_preview=TRUE; }\r
  argument("-s") { run=TRUE; just_preview=TRUE; start_shaping=TRUE; }\r
  argument("-r") { run=TRUE; }\r
  argument("-n") { run=TRUE; nodelay=TRUE; }\r
  argument("-l") { just_logs=TRUE; }\r
  argument("-m") { just_logs=TRUE; }\r
  argument("-y") { just_logs=TRUE; }\r
  argument("-?") { help(); exit(0); }\r
  argument("--help") { help(); exit(0); }\r
  argument("-v") { exit(0); } \r
  argument("--version") { exit(0); } \r
 }\r
 \r
 if(dry_run)\r
 {\r
  puts("*** THIS IS JUST DRY RUN ! ***\n");\r
 }\r
\r
 date(d); /* this is typical cll1.h macro - prints current date */\r
\r
 /*-----------------------------------------------------------------*/\r
 printf("Parsing configuration file %s ...\n", config);\r
 /*-----------------------------------------------------------------*/\r
 get_config(config);\r
 \r
 if(just_logs)\r
 {\r
  parse_ip_log(argc,argv);\r
  exit(0);\r
 }\r
 else if(not run)\r
 {\r
  help();\r
  exit(0);\r
 }\r
\r
 if(althosts)\r
 {\r
  hosts=althosts;\r
 }\r
\r
 if(just_flush<9)\r
 {\r
  /*-----------------------------------------------------------------*/\r
  puts("Parsing iptables verbose output ...");\r
  /*-----------------------------------------------------------------*/\r
  get_traffic_statistics();\r
 }\r
\r
 /*-----------------------------------------------------------------*/\r
 printf("Parsing class defintion file %s ...\n", hosts);\r
 /*-----------------------------------------------------------------*/\r
 int groupidx = FIRSTGROUPID;\r
 parse(hosts)\r
 {\r
  str=_;\r
\r
  if(*str<'0' || *str>'9')\r
  {\r
   /* any line starting with non-number is comment ...*/\r
   continue;\r
  }\r
  \r
  //Does this IP share QoS class with some other ?\r
  substring=strstr(str,"sharing-");\r
  if(substring)\r
  { \r
   substring+=8; //"sharing-"\r
   parse_ip(str);\r
   ip_count++;\r
   ip->sharing=substring;\r
   ip->keyword=defaultkeyword; /* settings for default keyword */\r
   while(*substring && *substring!='\n')\r
   {\r
    substring++;\r
   }\r
   *substring=0; \r
  }\r
  else\r
  {\r
   //Do we have to create new QoS class for this IP ?\r
\r
   if_exists(keyword,keywords,(substring=strstr(str,keyword->key)))\r
   {\r
    parse_ip(str);\r
    ip_count++;\r
    ip->keyword=keyword;\r
    keyword->ip_count++;\r
    ip->prio=keyword->default_prio;\r
    substring+=strlen(keyword->key)+1;\r
    ptr=substring;\r
    while(*ptr && *ptr!='-')\r
    {\r
     ptr++;\r
    }\r
    if(*ptr=='-')\r
    {\r
     *ptr=0;\r
     ip->max = ip->desired=atoi(ptr+1);\r
    }\r
    ip->min = atoi(substring);\r
    if(ip->min <= 0)\r
    {\r
     printf(" %s: Illegal value of minimum bandwidth 0 kbps, using %d kb/s\n",\r
            str, free_min);\r
     ip->min = free_min;\r
    }\r
    if(ip->max <= ip->min)\r
    {\r
     ip->fixedprio = 1;\r
     ip->max = ip->min+ip->keyword->reserve_min;\r
    }\r
    else \r
    {\r
     ip->max -= ip->keyword->reserve_max;\r
     if(ip->max<ip->min)\r
     {\r
      ip->max=ip->min;\r
     }\r
    }\r
    ip->mark=FIRSTIPCLASS+1+class_count++;\r
\r
    if_exists(group,groups,group->min==ip->min) \r
    { \r
     group->count++;      \r
     group->desired += ip->min;\r
     ip->group = group->id;   \r
    }\r
    else\r
    {\r
     create(group,Group);\r
     group->min = ip->min;\r
     group->id = groupidx++;\r
     ip->group = group->id;\r
\r
     if(group->min<8) group->min=8;\r
     /* Warning - this is maybe because of primitive tc namespace, can be fixed */\r
     /* it is because class IDs are derived from min. bandwidth. - xCh */\r
     //if(group->min>MAX_GUARANTED_KBPS) group->min=MAX_GUARANTED_KBPS;\r
     \r
     group->count=1;\r
     group->desired=ip->min;   \r
     insert(group,groups,desc_order_by,min);\r
    }\r
   }//endif keyword-\r
  }//endif sharing-\r
 }\r
 fail\r
 {\r
  perror(hosts);\r
  exit(-1);\r
 }\r
 done; /* ugly macro end */\r
\r
 /*-----------------------------------------------------------------*/\r
 /* cll1.h - let's allocate brand new character buffer...           */\r
 /*-----------------------------------------------------------------*/\r
 string(str,STRLEN); \r
\r
 /*-----------------------------------------------------------------*/\r
 puts("Resolving shared connections ...");\r
 /*-----------------------------------------------------------------*/\r
 for_each(ip,ips) if(ip->sharing)\r
 {\r
  for_each(sharedip,ips) if(eq(sharedip->name,ip->sharing))\r
  {\r
   sharedip->traffic+=ip->traffic;\r
   ip->traffic=0;\r
   ip->mark=sharedip->mark; \r
   ip->lmsid=sharedip->lmsid;\r
   break;\r
  }\r
  if(!sharedip)\r
  {\r
   printf("Unresolved shared connection: %s %s sharing-%s\n",\r
          ip->addr, ip->name, ip->sharing);\r
  }\r
 }\r
\r
 if(enable_credit && just_flush<9)\r
 {\r
  /*-----------------------------------------------------------------*/\r
  printf("Parsing credit file %s ...\n", credit);\r
  /*-----------------------------------------------------------------*/\r
  parse(credit)\r
  {\r
   ptr=parse_datafile_line(_);\r
   if(ptr)\r
   {\r
    if_exists(ip,ips,eq(ip->addr,_))\r
    {\r
     sscanf(ptr,"%Lu",&(ip->credit));\r
    }\r
   }\r
  }\r
  done; /* ugly macro end */\r
 }\r
\r
 if(!just_preview)\r
 {\r
  /*-----------------------------------------------------------------*/\r
  puts("Initializing iptables and tc classes ...");\r
  /*-----------------------------------------------------------------*/\r
  \r
  iptables_file=fopen(iptablesfile,"w");\r
  if(iptables_file == NULL)\r
  {\r
    puts("Cannot open iptablesfile!");\r
    exit(-1);\r
  }\r
  \r
  log_file=fopen(cmdlog,"w");\r
  if(log_file == NULL) \r
  {\r
    puts("Cannot open logfile!");\r
    exit(-1);\r
  }\r
  \r
  save_line(iptablespreamble);\r
  run_restore();\r
  \r
  sprintf(str,"%s qdisc del dev %s root 2>/dev/null",tc,lan);\r
  safe_run(str);\r
\r
  sprintf(str,"%s qdisc del dev %s root 2>/dev/null",tc,wan);\r
  safe_run(str);\r
  \r
  iptables_file=fopen(iptablesfile,"w");\r
  save_line(iptablespreamble);\r
\r
  if(qos_free_zone && *qos_free_zone!='0')\r
  {\r
   char *chain;\r
   \r
   sprintf(str,"-A FORWARD -d %s -o %s -j ACCEPT", qos_free_zone, wan);\r
   save_line(str);\r
   \r
   if(qos_proxy)\r
   {\r
    save_line(":post_noproxy - [0:0]");\r
    sprintf(str,"-A POSTROUTING -p ! tcp -o %s -j post_noproxy", lan);\r
    save_line(str);   \r
    sprintf(str,"-A POSTROUTING -s ! %s -o %s -j post_noproxy", proxy_ip, lan);\r
    save_line(str);   \r
    sprintf(str,"-A POSTROUTING -s %s -p tcp --sport ! %d -o %s -j post_noproxy", proxy_ip, proxy_port, lan);\r
    save_line(str);   \r
\r
    chain="post_noproxy";    \r
   }\r
   else\r
   {\r
    chain="POSTROUTING";\r
   }\r
    \r
   sprintf(str,"-A %s -s %s -o %s -j ACCEPT", chain, qos_free_zone, lan);\r
   save_line(str);\r
  }\r
  \r
  if(ip_count>idxtable_treshold1 && !just_flush)\r
  {\r
   int idxcount=0, bitmask=32-idxtable_bitmask1; /* default net mask: 255.255.255.240 */\r
   char *subnet, *buf;\r
   /*-----------------------------------------------------------------*/\r
   printf("Detected %d addresses - indexing iptables rules to improve performance...\n",ip_count);\r
   /*-----------------------------------------------------------------*/\r
\r
   save_line(":post_common - [0:0]");\r
   save_line(":forw_common - [0:0]");\r
\r
   for_each(ip,ips) if(ip->addr && *(ip->addr) && !eq(ip->addr,"0.0.0.0/0"))\r
   {\r
    buf=hash_id(ip->addr,bitmask);\r
    if_exists(idx,idxs,eq(idx->id,buf))\r
    {\r
     idx->children++;\r
    }\r
    else\r
    {\r
     create(idx,Index);\r
     idx->addr=ip->addr;\r
     idx->id=buf;\r
     idx->bitmask=bitmask;\r
     idx->parent=NULL;\r
     idx->children=0;\r
     idxcount++;\r
     push(idx,idxs);\r
    }\r
   }\r
\r
   /* brutal perfomance optimalization */\r
   while(idxcount>idxtable_treshold2 && bitmask>2*idxtable_bitmask2)\r
   {\r
    bitmask-=idxtable_bitmask2;\r
    idxcount=0;\r
\r
    for_each(idx,idxs) if(idx->parent == NULL)\r
    {\r
     buf=hash_id(idx->addr,bitmask);\r
     if_exists(metaindex,idxs,eq(metaindex->id,buf))\r
     {\r
      metaindex->children++;\r
     }\r
     else\r
     {\r
      create(metaindex,Index);\r
      metaindex->addr=idx->addr;\r
      metaindex->id=buf;\r
      metaindex->bitmask=bitmask;\r
      metaindex->parent=NULL;\r
      metaindex->children=0;\r
      idxcount++;\r
      push(metaindex,idxs);\r
     }\r
     idx->parent=metaindex;\r
    }\r
   }\r
\r
   /* this should slightly optimize throughout ... */\r
   sort(idx,idxs,desc_order_by,children);\r
   sort(idx,idxs,order_by,bitmask);\r
\r
   i=0;\r
   for_each(idx,idxs)\r
   {\r
    subnet=subnet_id(idx->addr,idx->bitmask);\r
    printf("%d: %s/%d\n",\r
           ++i, subnet, idx->bitmask);\r
       \r
    sprintf(str,":post_%s - [0:0]", idx->id);\r
    save_line(str);\r
\r
    sprintf(str,":forw_%s - [0:0]", idx->id);\r
    save_line(str);\r
\r
    if(idx->parent)\r
    {\r
     string(buf,strlen(idx->parent->id)+6);\r
     sprintf(buf,"post_%s",idx->parent->id);\r
    }\r
    else\r
    {\r
     buf="POSTROUTING";\r
    }\r
\r
    sprintf(str,"-A %s -d %s/%d -o %s -j post_%s", buf, subnet, idx->bitmask, lan, idx->id);\r
    save_line(str);\r
\r
    sprintf(str,"-A %s -d %s/%d -o %s -j post_common", buf, subnet, idx->bitmask, lan);\r
    save_line(str);\r
\r
    if(idx->parent)\r
    {\r
     string(buf,strlen(idx->parent->id)+6);\r
     sprintf(buf,"forw_%s",idx->parent->id);\r
    }\r
    else\r
    {\r
     buf="FORWARD";\r
    }\r
\r
    sprintf(str,"-A %s -s %s/%d -o %s -j forw_%s", buf, subnet, idx->bitmask, wan, idx->id);\r
    save_line(str);\r
\r
    sprintf(str,"-A %s -s %s/%d -o %s -j forw_common", buf, subnet, idx->bitmask, wan);\r
    save_line(str);\r
   }\r
   printf("Total indexed iptables chains created: %d\n", i);\r
\r
   sprintf(str,"-A FORWARD -o %s -j forw_common", wan);\r
   save_line(str);\r
   \r
   sprintf(str,"-A POSTROUTING -o %s -j post_common", lan);\r
   save_line(str);\r
  }\r
 \r
 }\r
\r
 if(just_flush)\r
 {\r
  fclose(iptables_file);\r
  if(log_file)\r
  { \r
   fclose(log_file);\r
  }\r
  puts("Just flushed iptables and tc classes - now exiting ...");\r
  exit(0);\r
 }\r
\r
 if(!just_preview)\r
 {\r
  if(!dry_run && !nodelay && qos_free_delay)\r
  {\r
   printf("Flushed iptables and tc classes - now sleeping for %d seconds...\n",qos_free_delay);\r
   sleep(qos_free_delay);\r
  }\r
\r
  sprintf(str,"%s qdisc add dev %s root handle 1: htb r2q %d default 1",\r
              tc,lan,htb_r2q);\r
  safe_run(str);\r
\r
  sprintf(str, "%s class add dev %s parent 1: classid 1:2 htb rate %s ceil %s burst %dk prio %d",\r
               tc,lan,lan_medium,lan_medium,burst_main,highest_priority);\r
  safe_run(str);\r
\r
  sprintf(str, "%s class add dev %s parent 1:2 classid 1:1 htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d",\r
                tc,lan,line,line,burst_main,highest_priority);\r
  safe_run(str);\r
\r
  sprintf(str,"%s qdisc add dev %s root handle 1: htb r2q %d default 1",tc,wan,htb_r2q);\r
  safe_run(str);\r
\r
  sprintf(str, "%s class add dev %s parent 1: classid 1:2 htb rate %s ceil %s burst %dk prio %d",\r
               tc,wan,wan_medium,wan_medium,burst_main,highest_priority);\r
  safe_run(str);\r
\r
  sprintf(str, "%s class add dev %s parent 1:2 classid 1:1 htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d",\r
               tc,wan,up,up,burst_main,highest_priority);\r
  safe_run(str);\r
 }\r
\r
 /*-----------------------------------------------------------------*/\r
 puts("Locating heavy downloaders and generating root classes ...");\r
 /*-----------------------------------------------------------------*/\r
 sort(ip,ips,desc_order_by,traffic); \r
\r
 /*-----------------------------------------------------------------*/\r
 /* sub-scope - local variables */  \r
 {\r
  long long int rate = line;\r
  long long int max = line;\r
  int group_count = 0;\r
  FILE *credit_file = NULL;\r
  \r
  if(!just_preview && !dry_run && enable_credit)\r
  {\r
   credit_file = fopen(credit,"w");\r
  }\r
    \r
  for_each(group,groups)\r
  {\r
   if(!just_preview)\r
   {\r
    //download\r
    sprintf(str,"%s class add dev %s parent 1:%d classid 1:%d htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d #down desired %d", \r
                 tc, lan, parent, group->id, rate, max, burst_group, highest_priority+1, group->desired);\r
    safe_run(str);\r
    \r
    //upload\r
    sprintf(str,"%s class add dev %s parent 1:%d classid 1:%d htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d #up desired %d", \r
                 tc, wan, parent, group->id, rate*up/line, max*up/line, burst_group, highest_priority+1, group->desired);\r
    safe_run(str);\r
   }\r
   \r
   if(group_count++ < max_nesting)\r
   {\r
    parent = group->id;\r
   }\r
   \r
   rate -= digital_divide*group->min;\r
   if(rate < group->min)\r
   {\r
    rate = group->min;\r
   }\r
    \r
   /*shaping of aggresive downloaders, with credit file support */\r
   if(use_credit)\r
   {\r
    int group_rate = group->min, priority_sequence = lowest_priority;\r
    \r
    for_each(ip, ips) if(ip->min == group->min && ip->max > ip->min)\r
    {\r
     if(    ip->keyword->data_limit && !ip->fixedprio \r
         && (   ip->traffic>ip->credit\r
              + (ip->min*ip->keyword->data_limit+(ip->keyword->fixed_limit<<20))) )\r
     {\r
      if(group_rate<ip->max)\r
      {\r
       ip->max=group_rate;\r
      }\r
      group_rate+=magic_treshold;\r
      ip->prio=lowest_priority;\r
      if(ip->prio<highest_priority+2)\r
      {\r
       ip->prio=highest_priority+2;\r
      }\r
     }\r
     else\r
     {\r
      if(    ip->keyword->data_prio \r
          && !ip->fixedprio \r
          && (   ip->traffic>ip->credit\r
               + (ip->min*ip->keyword->data_prio+(ip->keyword->fixed_prio<<20))) )\r
      {\r
       ip->prio=priority_sequence--;\r
       if(ip->prio<highest_priority+1)\r
       {\r
        ip->prio=highest_priority+1;\r
       }\r
      }\r
     \r
      if(credit_file)\r
      {\r
       unsigned long long lcredit=0;\r
       \r
       if((ip->min*ip->keyword->data_limit+(ip->keyword->fixed_limit<<20))>ip->traffic)\r
       {\r
        lcredit=(ip->min*ip->keyword->data_limit+(ip->keyword->fixed_limit<<20))-ip->traffic;\r
       }\r
       fprintf(credit_file,"%s %Lu\n",ip->addr,lcredit);\r
      }\r
     }\r
    }        \r
   }\r
  }\r
  if(credit_file)\r
  {\r
   fclose(credit_file);\r
  }\r
 }\r
\r
 if(just_preview)\r
 {\r
  if(start_shaping)\r
  {\r
   printf("Reading %s and applying Fair Use Policy rules ... \n", classmap);\r
   parse(classmap)\r
   {\r
    ptr=strchr(_,' ');\r
    if(ptr)\r
    {\r
     *ptr=0;\r
     ptr++;\r
     if_exists(ip,ips,eq(ip->addr,_))\r
     {\r
      ip->mark=atoi(ptr);\r
      if(ip->max < ip->desired) /* apply FUP limit immediately.... */\r
      {\r
       printf("Applying limit for %-22s %-16s %04d ", ip->name, ip->addr, ip->mark);       \r
       printf("(down: %dk-%dk ", ip->min, ip->max); \r
       sprintf(str, "%s class change dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", \r
                    tc, lan, ip->group, ip->mark,ip->min,ip->max, burst, ip->prio);\r
       safe_run(str);\r
       printf("up: %dk-%dk)\n", (int)((ip->min/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), \r
                                (int)((ip->max/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed));\r
       sprintf(str,"%s class change dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d",\r
                    tc, wan, ip->group, ip->mark,\r
                    (int)((ip->min/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed),\r
                    (int)((ip->max/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), burst, ip->prio);\r
       safe_run(str);\r
      }\r
     }\r
    }\r
   }\r
   fail\r
   { \r
    perror(classmap);\r
    puts("Warning - classmap file not fund, just generating preview ...");\r
    start_shaping=FALSE;\r
   }\r
   done; /* ugly macro end */\r
  }\r
  html=preview;\r
  json=json_preview;\r
 }\r
\r
 if(!dry_run && !just_flush)\r
 {\r
  /*-----------------------------------------------------------------*/\r
  printf("Writing json overview  %s ... ", json);\r
  /*-----------------------------------------------------------------*/\r
  f=fopen(json, "w");\r
  if(f > 0)\r
  {\r
   int jsoncount=0;\r
   fprintf(f, "{\n");\r
   for_each(ip, ips)\r
   {\r
    if(     ip->lmsid > 0 \r
        && (ip->traffic || ip->direct || ip->proxy || ip->upload))\r
    {\r
     if(jsoncount)\r
     {\r
      fprintf(f, ",\n");\r
     }\r
     fprintf(f, " \"%s\":{ \"lms\": %d, \"ip\":\"%s\", \"total\":%Lu, \"down\":%Lu, \"proxy\":%Lu, \"up\":%Lu, \"min\":%d, \"max\":%d, \"limit\":%d }",\r
                ip->name, ip->lmsid, ip->addr, ip->traffic, ip->direct, ip->proxy, ip->upload, ip->min, ip->desired, ip->max);\r
     jsoncount++;\r
    }\r
   }\r
   fprintf(f, "}\n");\r
   fclose(f);\r
   puts("done.");\r
  }\r
  else\r
  {\r
   perror(json);\r
  }\r
 }\r
\r
 f=fopen(html,"w");\r
 if(f > 0)\r
 {\r
  int count=1;\r
  i=0;\r
\r
  /*-----------------------------------------------------------------*/\r
  printf("Sorting data and generating statistics page %s ...\n", html);\r
  /*-----------------------------------------------------------------*/\r
\r
  if(use_jquery_popups)\r
  {\r
   fprintf(f,"<script type=\"text/javascript\" src=\"%s\"></script>\n", jquery_url);\r
  }\r
  fputs("<table class=\"decorated last\">\n\\r
<caption>Bandwidth classes</caption>\n\\r
<thead><tr>\n\\r
<th style=\"text-align: right\">#</th>\n\\r
<th style=\"text-align: right\">group</th>\n\\r
<th style=\"text-align: right\">IPs</th>\n\\r
<th style=\"text-align: right\">requested</th>\n",f);\r
  fprintf(f,"<th colspan=\"%d\">data limits</th>\n", keywordcount);\r
  fputs("</tr></thead><tbody>\n",f);\r
\r
  row_odd_even = 0;\r
  for_each(group, groups) \r
  { \r
#ifdef DEBUG\r
   printf("%d kb/s group: %d bandwidth requested: %d kb/s\n",group->min,group->count,group->desired);\r
#endif\r
   fprintf(f, "%s<td style=\"text-align: right\">%d</td><td style=\"text-align: right\">%d&nbsp;kb/s</td>",\r
              tr_odd_even(), count, group->min);\r
   fprintf(f, "<td style=\"text-align: right\">%d</td><td style=\"text-align: right\">%d&nbsp;kb/s</td>",\r
              group->count, group->desired);\r
\r
   for_each(keyword, keywords) if(keyword->ip_count)\r
   {\r
    fprintf(f,"<td style=\"text-align: right\"><span style=\"color:#%s\">%d&nbsp;MB</span></td>",\r
              keyword->html_color, group->min*keyword->data_limit);\r
   }   \r
   i += group->desired; \r
   total += group->count;\r
   count++; \r
  }\r
#ifdef DEBUG\r
   printf("Total groups: %d Total bandwidth requested: %d kb/s\nAGGREGATION: 1/%d\n",\r
          count, i, i/line);\r
#endif\r
   fprintf(f,"</tr></tbody>\n\\r
<thead><tr>\n\\r
<th colspan=\"2\" style=\"text-align: left\">Line %Ld kb/s</td>",line);\r
   fprintf(f,"<th style=\"text-align: right\">%d</td><th style=\"text-align: right\">%d kb/s</td>",total,i);\r
\r
   for_each(keyword, keywords) if(keyword->ip_count)\r
   {\r
    fprintf(f,"<th style=\"text-align: right\">%d IPs</th>",keyword->ip_count);\r
   }\r
   fprintf(f,"</tr><tr><th colspan=\"4\">Aggregation 1/%d</th>\n", (int)(0.5+i/line));\r
   fprintf(f,"<th colspan=\"%d\">%d traffic classes</th></tr>\n", keywordcount, total);\r
\r
   fputs("</thead></table>\n",f);\r
 }\r
 else if(!dry_run && !just_flush)\r
 {\r
  perror(html);\r
 }\r
\r
 i=0;\r
 if(f > 0)\r
 {\r
  unsigned long long total_traffic=0, total_direct=0, total_proxy=0, total_upload=0, tmp_sum=0;\r
  int active_classes=0;\r
  int colspan=12;\r
  struct Sum {unsigned long long l; int i; list(Sum);} *sum,*sums=NULL;\r
  int limit_count=0, prio_count=0;\r
  int popup_button=0;\r
\r
  if(qos_proxy)\r
  {\r
   colspan++;\r
  }\r
  \r
  fprintf(f,"<p><table class=\"decorated last\">\n<caption>%s",title);\r
  fprintf(f," (%s)</caption>\n", d);\r
  fputs("<thead><tr>\n<th colspan=\"3\">&nbsp;</th>\n",f);\r
  fputs("<th style=\"text-align: right\">credit</th>\n\\r
<th style=\"text-align: right\">FUP</th>\n\\r
<th style=\"text-align: right\">total</th>\n\\r
<th style=\"text-align: right\">down</th>\n",f);\r
  if(qos_proxy)\r
  {\r
   fputs("<th style=\"text-align: right\">proxy</th>\n",f);\r
  }\r
  fputs("<th style=\"text-align: right\">up</th>\n\\r
<th style=\"text-align: right\">min</th>\n\\r
<th style=\"text-align: right\">max</th>\n\\r
<th style=\"text-align: right\">limit</th>\n\\r
<th>&nbsp;</th>\n\\r
</tr><tr>\n\\r
<th style=\"text-align: right\">#</th>\n\\r
<th>hostname [+sharing]</th>\n\\r
<th style=\"text-align: right\">LMS</th>\n\\r
<th style=\"text-align: right\">MB</th>\n\\r
<th style=\"text-align: right\">MB</th>\n\\r
<th style=\"text-align: right\">MB</th>\n\\r
<th style=\"text-align: right\">MB</th>\n\\r
<th style=\"text-align: right\">MB</th>\n\\r
<th style=\"text-align: right\">kb/s</th>\n\\r
<th style=\"text-align: right\">kb/s</th>\n\\r
<th style=\"text-align: right\">kb/s</th>\n\\r
<th>prio</th>\n\\r
</tr></thead><tbody>\n",f);	\r
\r
  row_odd_even = 0;\r
  for_each(ip,ips) if(!use_jquery_popups || !ip->sharing)\r
  {\r
   char *f1="", *f2="";\r
   i++;\r
\r
   if(ip->max < ip->desired) \r
   { \r
    f1="<span style=\"color:red\">"; \r
    f2="</span>"; \r
    limit_count++; \r
   } \r
   else if(ip->prio > highest_priority+1) \r
   { \r
    f1="<span style=\"color:brown\">"; \r
    f2="</span>"; \r
    prio_count++; \r
   }       \r
\r
#ifdef DEBUG\r
   printf("%03d. %-22s %10Lu (%d/%d)\n",i ,ip->name, ip->traffic, ip->min, ip->max); \r
#endif\r
   /* hostnames -------------------------------------- */\r
   fprintf(f,"%s<td style=\"text-align: right\"><a name=\"%s\"></a>%d</td><td><a class=\"blue\" target=\"_blank\" href=\"%s%s.log\">%s</a>\n", \r
              tr_odd_even(), ip->name, i, log_url, ip->name, ip->name);\r
\r
   if(use_jquery_popups)\r
   {\r
     fprintf(f,"<span id=\"sharing_%d\" style=\"display:none\">",i);\r
     popup_button=0;\r
     for_each(sharedip, ips) if(eq(ip->name, sharedip->sharing))\r
     {\r
      fprintf(f,"<br /><a class=\"blue\" target=\"_blank\" href=\"%s%s.log\">%s</a>\n", log_url, sharedip->name, sharedip->name);\r
      popup_button++;\r
     }\r
     fputs("</span>\n",f);\r
     if(popup_button)\r
     {\r
      fprintf(f,"<span>[<a class=\"blue\" href=\"#\" onClick=\"$(this).parent().hide();$(\'#sharing_%d\').show();$(\'#download_%d\').show();$(\'#upload_%d\').show();return(false);\" style=\"cursor: pointer;\">+%d</a>]</span>",\r
                i, i, i, popup_button);\r
     }\r
   }\r
   fputs("</td>\n",f);\r
   /* ----------------------------------------------- */\r
\r
   if(found_lmsid)\r
   {\r
    fputs("<td style=\"text-align: right\">",f);\r
    if(ip->lmsid > 0)\r
    {\r
     fprintf(f,"<a class=\"blue\" target=\"_blank\" href=\"%s%d\">%04d</a>\n", lms_url, ip->lmsid, ip->lmsid);\r
    }\r
    else if(ip->lmsid == 0)\r
    {\r
     fputs("-------",f);\r
    }\r
    fputs("</td>\n",f);\r
   }\r
   fprintf(f,"<td style=\"text-align: right\">%Lu</td>\n", ip->credit);\r
   fprintf(f,"<td style=\"text-align: right\"><span style=\"color:#%s\">%Lu</span></td>",\r
             ip->keyword->html_color,\r
             ip->credit+(ip->min*ip->keyword->data_limit+(ip->keyword->fixed_limit<<20)));\r
   fprintf(f,"<td style=\"text-align: right\">%s%Lu%s", f1, ip->traffic, f2);\r
\r
   /* download --------------------------------------- */\r
   fprintf(f,"</td><td style=\"text-align: right\">%Lu", ip->direct);\r
   if(use_jquery_popups)\r
   {\r
     fprintf(f,"<span id=\"download_%d\" style=\"display:none\">",i);\r
     for_each(sharedip, ips) if(eq(ip->name, sharedip->sharing))\r
     {\r
      fprintf(f,"<br />%Lu", sharedip->direct);\r
     }\r
     fputs("</span>\n",f);\r
   }\r
   fputs("</td>\n",f);\r
   /* ----------------------------------------------- */\r
\r
   if(qos_proxy)\r
   {\r
    fprintf(f,"<td style=\"text-align: right\">%Lu</td>\n", ip->proxy);\r
   }\r
   /* upload ---------------------------------------- */\r
   fprintf(f,"<td style=\"text-align: right\">%Lu", ip->upload);\r
   if(use_jquery_popups)\r
   {\r
     fprintf(f,"<span id=\"upload_%d\" style=\"display:none\">",i);\r
     for_each(sharedip,ips) if(eq(ip->name, sharedip->sharing))\r
     {\r
      fprintf(f,"<br />%Lu", sharedip->upload);\r
     }\r
     fputs("</span>\n",f);\r
   }\r
   fputs("</td>\n",f);\r
   /* ----------------------------------------------- */\r
\r
   fprintf(f,"<td style=\"text-align: right\">%d</td>\n\\r
<td style=\"text-align: right\">%d</td>\n\\r
<td style=\"text-align: right\">%s%d%s</td>\n\\r
<td>%s%d%s</td></tr>\n",\r
             ip->min, ip->desired, \r
             f1, ip->max, f2, \r
             f1, ip->prio, f2);\r
\r
   total_traffic+=ip->traffic;\r
   total_direct+=ip->direct;\r
   total_proxy+=ip->proxy;\r
   total_upload+=ip->upload;\r
   if(ip->traffic>0)\r
   {\r
    active_classes++;\r
    tmp_sum+=ip->traffic;\r
    create(sum,Sum);\r
    sum->l=tmp_sum;\r
    sum->i=active_classes;\r
    insert(sum,sums,order_by,i);\r
   }\r
\r
   if(!just_preview)\r
   {\r
    append_log(ip);\r
    for_each(sharedip,ips) if(eq(ip->name, sharedip->sharing))\r
    {\r
     append_log(sharedip);\r
    }\r
   }\r
  }\r
  fprintf(f,"</tbody><thead><tr>\n\\r
<th colspan=\"%d\" style=\"text-align: left\">%d CLASSES</th>", colspan-7, i);\r
  fprintf(f,"<th style=\"text-align: right\">%Lu</th><th style=\"text-align: right\">%Lu</th>\n", total_traffic, total_direct);\r
  if(qos_proxy)\r
  {\r
   fprintf(f,"<th style=\"text-align: right\">%Lu</th>\n", total_proxy);\r
  }\r
  fprintf(f,"<th style=\"text-align: right\">%Lu</th>", total_upload);\r
  fprintf(f,"<th colspan=\"4\"><span style=\"color:red\">LIMIT %dx</span> <span style=\"color:brown\">LOW-PRIO %dx</span></th></tr>\n</thead></table>\n",limit_count,prio_count);\r
\r
  row_odd_even = 0;\r
  if(active_classes>10)\r
  {\r
   int top20_count=0,top20_perc1=0;\r
   long long top20_perc2=0;\r
   unsigned long long top20_sum=0l;\r
  \r
   fputs("<a name=\"erp\"></a><p><table class=\"decorated last\"><caption>Enterprise Resource Planning (ERP)</caption>\n",f);\r
   fputs("<thead><tr>\n\\r
<th>Analytic category</th>\n\\r
<th colspan=\"2\" style=\"text-align: center\">Active Classes</th>\n\\r
<th colspan=\"2\" style=\"text-align: center\">Data transfers</th>\n\\r
</tr></thead><tbody>\n",f);\r
\r
   if_exists(sum,sums,sum->l>=total_traffic/4)\r
   {\r
    fprintf(f,"%s<td>Top 25%% of traffic</td>\n", tr_odd_even());\r
    fprintf(f,"<td style=\"text-align: right\">%d</td>\n\\r
<td style=\"text-align: right\">%d %%</td>\n\\r
<td style=\"text-align: right\">%Lu MB</td>\n\\r
<td style=\"text-align: right\">%Ld %%</td></tr>\n",\r
              sum->i, (100*sum->i+50)/active_classes, sum->l, (100*sum->l+50)/total_traffic);\r
   }\r
   \r
   if_exists(sum,sums,sum->i==10)\r
   {\r
    fprintf(f,"%s<td>Top 10 downloaders</td>\n", tr_odd_even());\r
    fprintf(f,"<td style=\"text-align: right\"><strong>10</strong></td>\n\\r
<td style=\"text-align: right\">%d %%</td>\n\\r
<td style=\"text-align: right\">%Lu MB</td>\n\\r
<td style=\"text-align: right\">%Ld %%</td></tr>\n",\r
              (100*sum->i+50)/active_classes, sum->l, (100*sum->l+50)/total_traffic);\r
   }\r
\r
   if_exists(sum,sums,sum->l>=total_traffic/2)\r
   {\r
    fprintf(f,"%s<td>Top 50%% of traffic</td>\n", tr_odd_even());\r
    fprintf(f,"<td style=\"text-align: right\">%d</td>\n\\r
<td style=\"text-align: right\">%d %%</td>\n\\r
<td style=\"text-align: right\">%Lu MB</td>\n\\r
<td style=\"text-align: right\"><strong>%Ld %%</strong></td></tr>\n",\r
              sum->i,(100*sum->i+50)/active_classes,sum->l,(100*sum->l+50)/total_traffic);\r
   }\r
\r
   if_exists(sum,sums,sum->l>=4*total_traffic/5)\r
   {\r
    fprintf(f,"%s<td>Top 80%% of traffic</td>\n", tr_odd_even());\r
    fprintf(f,"<td style=\"text-align: right\">%d</td>\n\\r
<td style=\"text-align: right\">%d %%</td>\n\\r
<td style=\"text-align: right\">%Lu MB</td>\n\\r
<td style=\"text-align: right\"><strong>%Ld %%</strong></td></tr>\n",\r
              sum->i,(100*sum->i+50)/active_classes,sum->l,(100*sum->l+50)/total_traffic);\r
   }\r
\r
   if_exists(sum,sums,sum->i>=(active_classes+1)/5)\r
   {\r
    fprintf(f,"%s<td>Top 20%% downloaders</td>\n", tr_odd_even());\r
    top20_count=sum->i;\r
    top20_perc1=(100*sum->i+50)/active_classes;\r
    top20_sum=sum->l;\r
    top20_perc2=(100*sum->l+50)/total_traffic;\r
    fprintf(f,"<td style=\"text-align: right\">%d</td>\n\\r
<td style=\"text-align: right\"><strong>%d %%</strong></td>\n\\r
<td style=\"text-align: right\">%Lu MB</td>\n\\r
<td style=\"text-align: right\">%Ld %%</td></tr>\n",\r
              top20_count,top20_perc1,top20_sum,top20_perc2);\r
   }\r
\r
   if_exists(sum,sums,sum->i>=(active_classes+1)/4)\r
   {\r
    fprintf(f,"%s<td>Top 25%% downloaders</td>\n", tr_odd_even());\r
    fprintf(f,"<td style=\"text-align: right\">%d</td>\n\\r
<td style=\"text-align: right\">%d %%</td>\n\\r
<td style=\"text-align: right\">%Lu MB</td>\n\\r
<td style=\"text-align: right\">%Ld %%</td></tr>\n",\r
              sum->i,(100*sum->i+50)/active_classes,sum->l,(100*sum->l+50)/total_traffic);\r
   }\r
\r
   if_exists(sum,sums,sum->i>=(active_classes+1)/2)\r
   {\r
    fprintf(f,"%s<td>Top 50%% downloaders</td>\n", tr_odd_even());\r
    fprintf(f,"<td style=\"text-align: right\">%d</td>\n\\r
<td style=\"text-align: right\"><strong>%d %%</strong></td>\n\\r
<td style=\"text-align: right\">%Lu MB</td>\n\\r
<td style=\"text-align: right\">%Ld %%</td></tr>\n",\r
              sum->i,(100*sum->i+50)/active_classes,sum->l,(100*sum->l+50)/total_traffic);\r
   }\r
\r
   if_exists(sum,sums,sum->i>=4*(active_classes+1)/5)\r
   {\r
    fprintf(f,"%s<td>Top 80%% downloaders</td>\n", tr_odd_even());\r
    fprintf(f,"<td style=\"text-align: right\">%d</td>\n\\r
<td style=\"text-align: right\">%d %%</td>\n\\r
<td style=\"text-align: right\">%Lu MB</td>\n\\r
<td style=\"text-align: right\">%Ld %%</td></tr></tbody>\n",\r
              sum->i,(100*sum->i+50)/active_classes,sum->l,(100*sum->l+50)/total_traffic);\r
   }\r
\r
   fprintf(f,"<thead><tr><th><a class=\"blue\" target=\"_blank\" href=\"%sERP.log\">All users, all traffic</a></th>\n", log_url);\r
   fprintf(f,"<th style=\"text-align: right\">%d</th>\n\\r
<th style=\"text-align: right\">100 %%</th>\n\\r
<th style=\"text-align: right\">%Lu MB</th>\n\\r
<th style=\"text-align: right\">100 %%</th></tr>\n",active_classes,total_traffic);\r
   fputs("</thead></table>\n", f);\r
\r
   /* write basic ERP data to log directory */\r
   if(!just_preview)\r
   {\r
    FILE *iplog;\r
    sprintf(str,"%s/ERP.log",log_dir);\r
    iplog=fopen(str,"a");\r
    if(iplog)\r
    {\r
     fprintf(iplog,"%ld\t%d\t%d %%\t%Lu M\t%Ld %%\tACTIVE %d\tTRAFFIC %Lu M\tCLASSES %d\tFUP-LIMIT %d\tLOW-PRIO %d\t%s",\r
                   time(NULL), top20_count, top20_perc1, top20_sum, top20_perc2, \r
                   active_classes, total_traffic, i, limit_count, prio_count, d); /* d = date*/\r
     fclose(iplog);\r
    }\r
    else\r
    {\r
     perror(str);\r
    }\r
   }\r
  }\r
\r
  fprintf(f, stats_html_signature, version);\r
  fclose(f);\r
 }\r
\r
 if(just_preview)\r
 {\r
  char swchar='p';\r
  if(start_shaping)\r
  {\r
   swchar='s';\r
  }\r
  printf("Statistics preview generated (-%c switch) - now exiting ...\n", swchar);\r
  exit(0);\r
 }  \r
\r
 i=0;\r
#ifdef DEBUG\r
 printf("%-22s %-15s mark\n","name","ip");\r
#endif\r
\r
 printf("Writing %s ... ", classmap); \r
 f = fopen(classmap, "w"); \r
 if(f < 0)\r
 {\r
  perror(classmap);\r
 }\r
\r
 /*-----------------------------------------------------------------*/\r
 puts("Generating iptables and tc classes ... ");\r
 /*-----------------------------------------------------------------*/\r
\r
 for_each(ip, ips) if(ip->mark > 0)\r
 {\r
  if(idxs)\r
  {\r
   char *buf;\r
   duplicate(ip->addr,buf);\r
   buf=hash_id(ip->addr,32-idxtable_bitmask1); \r
   \r
   string(chain_forward,6+strlen(buf));\r
   strcpy(chain_forward,"forw_");\r
   strcat(chain_forward,buf);\r
\r
   string(chain_postrouting,6+strlen(buf));\r
   strcpy(chain_postrouting,"post_");\r
   strcat(chain_postrouting,buf);\r
   \r
   free(buf);\r
  }\r
  else\r
  {\r
   chain_forward="FORWARD";\r
   chain_postrouting="POSTROUTING";\r
  }\r
\r
#ifdef DEBUG\r
  printf("%-22s %-16s %04d ", ip->name, ip->addr, ip->mark); \r
#endif\r
\r
  /* -------------------------------------------------------- mark download */\r
  \r
  sprintf(str, "-A %s -d %s/32 -o %s -j %s%d",\r
               chain_postrouting, ip->addr, lan, mark_iptables, ip->mark);\r
  /*sprintf(str,"-A %s -d %s/32 -o %s -j MARK --set-mark %d",chain_postrouting,ip->addr,lan,ip->mark);*/\r
  /* -m limit --limit 1/s */  \r
  save_line(str);\r
\r
  if(qos_proxy)\r
  {\r
   sprintf(str, "-A %s -s %s -p tcp --sport %d -d %s/32 -o %s -j %s%d",\r
                chain_postrouting, proxy_ip, proxy_port, ip->addr, lan, mark_iptables, ip->mark);\r
   /*sprintf(str,"-A %s -s %s -p tcp --sport %d -d %s/32 -o %s -j MARK --set-mark %d",chain_postrouting,proxy_ip,proxy_port,ip->addr,lan,ip->mark);*/\r
   save_line(str);\r
  }\r
\r
  sprintf(str, "-A %s -d %s/32 -o %s -j ACCEPT",\r
               chain_postrouting, ip->addr, lan);\r
  save_line(str);\r
\r
  /* -------------------------------------------------------- mark upload */\r
  sprintf(str, "-A %s -s %s/32 -o %s -j %s%d", \r
               chain_forward, ip->addr, wan, mark_iptables, ip->mark);\r
  /*  sprintf(str,"-A %s -s %s/32 -o %s -j MARK --set-mark %d",chain_forward,ip->addr,wan,ip->mark);*/\r
  save_line(str);\r
\r
  sprintf(str, "-A %s -s %s/32 -o %s -j ACCEPT",\r
               chain_forward, ip->addr, wan);\r
  save_line(str);\r
\r
  if(ip->min)\r
  {\r
   /* -------------------------------------------------------- download class */\r
#ifdef DEBUG\r
   printf("(down: %dk-%dk ", ip->min, ip->max); \r
#endif\r
\r
   sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", \r
                tc, lan, ip->group, ip->mark,ip->min,ip->max, burst, ip->prio);\r
   safe_run(str);\r
\r
   if(strcmpi(ip->keyword->leaf_discipline, "none"))\r
   {\r
     sprintf(str, "%s qdisc add dev %s parent 1:%d handle %d %s", \r
                  tc, lan, ip->mark, ip->mark, ip->keyword->leaf_discipline); /*qos_leaf*/\r
     safe_run(str);\r
   }\r
\r
   if(filter_type == 1)\r
   {\r
     sprintf(str, "%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d",\r
                  tc, lan, ip->mark, ip->mark);\r
     safe_run(str);\r
   }\r
\r
   /* -------------------------------------------------------- upload class */\r
#ifdef DEBUG\r
   printf("up: %dk-%dk)\n", (int)((ip->min/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), \r
                            (int)((ip->max/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed));\r
#endif\r
\r
   sprintf(str,"%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d",\r
                tc, wan, ip->group, ip->mark,\r
                (int)((ip->min/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed),\r
                (int)((ip->max/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), burst, ip->prio);\r
   safe_run(str);\r
   \r
   if(strcmpi(ip->keyword->leaf_discipline, "none"))\r
   {\r
     sprintf(str, "%s qdisc add dev %s parent 1:%d handle %d %s",\r
                  tc, wan, ip->mark, ip->mark, ip->keyword->leaf_discipline); /*qos_leaf*/\r
     safe_run(str);\r
   }   \r
\r
   if(filter_type == 1)\r
   {\r
     sprintf(str, "%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d",\r
                  tc, wan, ip->mark, ip->mark);\r
     safe_run(str);\r
   }\r
  \r
   if(f > 0)\r
   {\r
     fprintf(f, "%s %d\n", ip->addr, ip->mark);\r
   }\r
  }\r
  else\r
  {\r
#ifdef DEBUG\r
   printf("(sharing %s)\n", ip->sharing);\r
#endif\r
  }\r
  i++;\r
 }\r
 if(f > 0)\r
 {\r
  puts("done.");\r
  fclose(f);\r
 }\r
 \r
 if(idxs)\r
 {\r
   chain_forward = "forw_common";\r
   chain_postrouting = "post_common";\r
 }\r
 else\r
 {\r
   chain_forward = "FORWARD";\r
   chain_postrouting = "POSTROUTING";\r
 }\r
 /* -------------------------------- classify or reject free download */\r
 {\r
   char *final_chain = "DROP"; /* REJECT would be better, but it is impossible in mangle */\r
   if(free_min)\r
   {\r
    final_chain = "ACCEPT";\r
   }\r
   if(qos_proxy)\r
   {\r
     if(free_min)\r
     {\r
       sprintf(str,"-A %s -s %s -p tcp --sport %d -o %s -j %s%d",\r
                   chain_postrouting,proxy_ip,proxy_port,lan,mark_iptables,3);\r
       save_line(str);\r
     }\r
     sprintf(str,"-A %s -s %s -p tcp --sport %d -o %s -j %s",\r
                  chain_postrouting,proxy_ip,proxy_port,lan,final_chain);\r
     save_line(str);\r
   }\r
   if(free_min)\r
   {\r
     sprintf(str,"-A %s -o %s -j %s%d", chain_postrouting, lan, mark_iptables, 3);\r
     save_line(str);\r
   }\r
   sprintf(str,"-A %s -o %s -j %s", chain_postrouting, lan, final_chain);\r
   save_line(str);\r
   /* ------------------------------- classify or reject free  upload */\r
   if(free_min)\r
   {\r
     sprintf(str,"-A %s -o %s -j %s%d", chain_forward, wan, mark_iptables, 3);\r
     save_line(str);\r
   }\r
   sprintf(str,"-A %s -o %s -j %s", chain_forward, wan, final_chain);\r
   save_line(str);\r
 }\r
\r
 if(free_min) /* allocate free bandwith if it is not zero... */ \r
 {\r
   /*-----------------------------------------------------------------*/\r
   puts("Generating free bandwith classes ...");\r
   /*-----------------------------------------------------------------*/\r
   sprintf(str, "%s class add dev %s parent 1:%d classid 1:3 htb rate %dkbit ceil %dkbit burst %dk prio %d",\r
                tc, lan, parent, free_min, free_max,burst, lowest_priority);\r
   safe_run(str);\r
   sprintf(str, "%s class add dev %s parent 1:%d classid 1:3 htb rate %dkbit ceil %dkbit burst %dk prio %d",\r
                tc, wan, parent, free_min, free_max, burst, lowest_priority);\r
   safe_run(str);\r
   /* tc SFQ */\r
   if(strcmpi(qos_leaf, "none"))\r
   {\r
     sprintf(str,"%s qdisc add dev %s parent 1:3 handle 3 %s", tc, lan, qos_leaf);\r
     safe_run(str);\r
   \r
     sprintf(str,"%s qdisc add dev %s parent 1:3 handle 3 %s", tc, wan, qos_leaf);\r
     safe_run(str);\r
   }   \r
   /* tc handle 1 fw flowid */\r
   sprintf(str,"%s filter add dev %s parent 1:0 protocol ip handle 3 fw flowid 1:3", tc, lan);\r
   safe_run(str);\r
\r
   sprintf(str,"%s filter add dev %s parent 1:0 protocol ip handle 3 fw flowid 1:3", tc, wan);\r
   safe_run(str);\r
 }\r
 printf("Total IP count: %d\n", i);\r
 run_restore(); \r
 if(log_file)\r
 {\r
  fclose(log_file);\r
 }\r
 return 0;\r
 /* that's all folks, thank you for reading it all the way up to this point ;-) */\r
 /* bad luck C<<1 is not yet finished, I promise no sprintf() next time... */\r
}\r