From 9f552e96b7c3ed1b5af6578252c0154491132a10 Mon Sep 17 00:00:00 2001 From: xchaos Date: Fri, 13 Oct 2017 10:42:29 +0000 Subject: [PATCH] not tested - initial commit only git-svn-id: https://dev.arachne.cz/repos/prometheus/trunk@256 251d49ef-1d17-4917-a970-b30cf55b089b --- htmlandlogs.c | 9 +- ipstruct.h | 21 ++ parselogs.c | 9 +- prometheus.c | 636 +++++++++++++++++++++----------------------------- 4 files changed, 300 insertions(+), 375 deletions(-) diff --git a/htmlandlogs.c b/htmlandlogs.c index 7037784..b6f9cb6 100644 --- a/htmlandlogs.c +++ b/htmlandlogs.c @@ -14,7 +14,6 @@ extern const char *version; extern const char *stats_html_signature; extern char *jquery_url; extern int keywordcount; -extern long long int line; extern int dry_run; extern int qos_proxy; extern char *title; @@ -100,19 +99,19 @@ void write_htmlandlogs(char *html, char *d, int total, int just_preview) count++; } #ifdef DEBUG - printf("Total groups: %d Total bandwidth requested: %d kb/s\nAGGREGATION: 1/%d\n", - count, i, i/line); + printf("Total groups: %d Total bandwidth requested: %d kb/s\n", + count, i, i); #endif fprintf(f,"\n\ \n\ -Line %Ld kb/s",line); +"); fprintf(f,"%d%d kb/s",total,i); for_each(keyword, keywords) if(keyword->ip_count) { fprintf(f,"%d IPs",keyword->ip_count); } - fprintf(f,"Aggregation 1/%d\n", (int)(0.5+i/line)); + fprintf(f,"\n"); fprintf(f,"%d traffic classes\n", keywordcount, total); fputs("\n",f); diff --git a/ipstruct.h b/ipstruct.h index 542cb0a..c7843f6 100644 --- a/ipstruct.h +++ b/ipstruct.h @@ -72,5 +72,26 @@ struct Macro list(Macro); }; +struct Index +{ + char *addr; + char *id; + struct Index *parent; + int bitmask; + int children; + int ipv6; + list(Index); +}; + +struct Interface +{ + char *name; + long long speed; + int is_upstream; + char *chain; + char *idxprefix; + list(Interface); +}; + void TheIP(char *ipaddr, int is_network); /* function implemented in parsehosts.c */ diff --git a/parselogs.c b/parselogs.c index 7eb2319..53c0bd7 100644 --- a/parselogs.c +++ b/parselogs.c @@ -1,4 +1,6 @@ #include "cll1-0.6.2.h" +#include "cll1-0.6.2.h" + #define STRLEN 512 /* globals declared in prometheus.c */ @@ -10,7 +12,6 @@ extern char *html_log_dir; extern int row_odd_even; extern char *log_url; extern char *lms_url; -extern long long int line; /* function implemented in prometheus.c */ const char *tr_odd_even(void); @@ -213,9 +214,9 @@ void parse_ip_log(int argc, char **argv) fprintf(f,"\ Total:\ %ld GB\ -%Ld kb/s\ --\ -\n", total, line); +\ +\ +\n", total); fputs("\n", f); row_odd_even = 0; diff --git a/prometheus.c b/prometheus.c index 993b185..d25ca51 100644 --- a/prometheus.c +++ b/prometheus.c @@ -7,7 +7,7 @@ /* Credit: CZFree.Net,Martin Devera,Netdave,Aquarius,Gandalf */ /* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */ -/* Modified by: xChaos, 20160622 +/* Modified by: xChaos, 20171012 ludva, 20080415 Prometheus QoS is free software; you can redistribute it and/or @@ -29,10 +29,10 @@ #include "cll1-0.6.2.h" #include "ipstruct.h" -const char *version = "0.8.5-e"; +const char *version = "0.9.0-a"; /* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */ -/* Versions: 0.8.5 is development release, 0.8.6 will be "stable" */ +/* Versions: 0.9.0 is development release, 1.0 will be "stable" */ /* Official Trac URL: https://dev.arachne.cz/svn/prometheus */ /* Official SVN URL: https://dev.arachne.cz/repos/prometheus */ /* BTC donations account: 19rriLx8vR19wGefPaMhakqnCYNYwjLvxq */ @@ -40,7 +40,7 @@ const char *version = "0.8.5-e"; /* Warning: unofficial Github mirror is not supported by author! */ /* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */ -const char *stats_html_signature = "Statistics generated by Prometheus QoS version %s
GPL+Copyright(C)2005-2015 Michael Polak, Arachne Labs\n"; +const char *stats_html_signature = "Statistics generated by Prometheus QoS version %s
GPL+Copyright(C)2005-2017 Michael Polak, Arachne Labs\n"; #define STRLEN 512 #undef DEBUG @@ -59,6 +59,8 @@ const char *ls = "/bin/ls"; /* this is not user configurable :-) * char *config = "/etc/prometheus/prometheus.conf"; /* main configuration file */ char *hosts = "/etc/prometheus/hosts"; /* per-IP bandwidth definition file */ char *macrosfile = "/etc/prometheus/prometheus.macros"; /* rewrite rules for most common tariffs */ +char *upstreamfile = "/etc/prometheus/upstream.interfaces"; /* list of interfaces to manage */ +char *downstreamfile = "/etc/prometheus/downstream.interfaces"; /* list of interfaces to manage */ char *iptablesfile = "/var/spool/prometheus.iptables"; /* temporary file for iptables-restore*/ char *ip6tablesfile = "/var/spool/prometheus.ip6tables"; /* temporary file for ip6tables-restore*/ char *credit = "/var/lib/misc/prometheus.credit"; /* credit log file */ @@ -92,11 +94,10 @@ int enable_credit = TRUE; /* enable credit file */ int use_credit = FALSE; /* use credit file (if enabled)*/ char *title = "Hall of Fame - Greatest Suckers"; /* hall of fame title */ int hall_of_fame = TRUE; /* enable hall of fame */ -char *lan = "eth0"; /* LAN interface */ -char *lan_medium = "100Mbit"; /* 10Mbit/100Mbit ethernet */ -char *wan = "eth1"; /* WAN/ISP interface */ +char *medium = "1000Mbit"; /* 10Mbit/100Mbit ethernet */ +//obsolete: char *lan = "eth0"; /* LAN interface */ +//obsolete: char *lan_medium = "1000Mbit"; /* 10Mbit/100Mbit ethernet */ char *ip6prefix = NULL; /* Prefix for global /48 IPv6 subnet */ -char *wan_medium = "100Mbit"; /* 10Mbit/100Mbit ethernet */ char *qos_leaf = "sfq perturb 5"; /* leaf discipline */ char *qos_free_zone = NULL; /* QoS free zone */ /* int qos_proxy = TRUE; include proxy port to QoS */ @@ -104,8 +105,8 @@ int found_lmsid = FALSE; /* show links to users in LMS information system int include_upload = TRUE; /* upload+download=total traffic */ /* char *proxy_ip = "192.168.1.1/32"; our IP with proxy port */ /* int proxy_port = 3128; proxy port number */ -long long int line = 1024; /* WAN/ISP download in kbps */ -long long int up = 1024; /* WAN/ISP upload in kbps */ +//obsolete: long long int line = 1024; /* WAN/ISP download in kbps */ +//obsolete: long long int up = 1024; /* WAN/ISP upload in kbps */ int free_min = 256; /* minimum guaranted bandwidth for all undefined hosts */ int free_max = 512; /* maximum allowed bandwidth for all undefined hosts */ int overlimit_min = 256; /* minimum guaranted bandwidth for all undefined hosts */ @@ -135,6 +136,8 @@ struct IP *ips = NULL, *networks = NULL, *ip, *sharedip; struct Group *groups = NULL, *group; struct Keyword *keyword, *defaultkeyword=NULL, *keywords = NULL; struct Macro *macro, *macros = NULL; +struct Index *idxs = NULL, *idx, *metaindex; +struct Interface *interfaces = NULL, *interface; #define FREE_CLASS 3 #define OVERLIMIT_CLASS 4 @@ -179,20 +182,6 @@ const char *tr_odd_even(void) } } -/* ==== This is C<<1 stuff - learn C<<1 first! https://dev.arachne.cz/svn/cll1h ==== */ -/* (except that this code uses obsolete, archaic version of this header file...) */ - -struct Index -{ - char *addr; - char *id; - struct Index *parent; - int bitmask; - int children; - int ipv6; - list(Index); -} *idxs=NULL, *idx, *metaindex; - /* ====== iptables indexes are used to reduce complexity to log8(N) ===== */ @@ -299,13 +288,11 @@ void get_config(char *config_filename) option("iptables-in-filename",iptablesfile); option("ip6tables-in-filename",ip6tablesfile); option("hosts",hosts); - option("lan-interface",lan); - option("wan-interface",wan); + option("downstream-interfaces-list-filename",downstreamfile); + option("upstream-interfaces-list-filename",upstreamfile); + option("macros-filename",upstreamfile); option("ip6-prefix",ip6prefix); - option("lan-medium",lan_medium); - option("wan-medium",wan_medium); - lloption("wan-download",line); - lloption("wan-upload",up); + option("medium",medium); ioption("hall-of-fame-enable",hall_of_fame); ioption("digital-divide-weirdness-ratio",digital_divide); option("hall-of-fame-title",title); @@ -375,13 +362,6 @@ void get_config(char *config_filename) mark = "MARK"; mark_iptables = "MARK --set-mark "; } - - /* are supplied values meaningful ?*/ - if(line<=0 || up<=0) - { - puts("Illegal value of LAN or WAN bandwidth: 0 kbps."); - reject_config_and_exit(config_filename); - } } @@ -418,7 +398,7 @@ void iptables_save_line(char *line, int ipv6) void run_iptables_restore(void) { char *restor; - string(restor,STRLEN); + string(restor, STRLEN); /*-----------------------------------------------------------------*/ printf("Running %s <%s ...\n", iptablesrestore, iptablesfile); @@ -487,7 +467,6 @@ program int run = FALSE; int total = 0; - char *chain_forward, *chain_postrouting; char *althosts=NULL; printf("\n\ @@ -532,6 +511,58 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); printf("Parsing configuration file %s ...\n", config); /*-----------------------------------------------------------------*/ get_config(config); + /*-----------------------------------------------------------------*/ + printf("Parsing upstream interfaces list %s ...\n", upstreamfile); + /*-----------------------------------------------------------------*/ + parse(upstreamfile) + { + ptr = parse_datafile_line(_); + if(ptr) + { + create(interface, Interface); + interface->name = _; + interface->speed = (long long)atol(ptr); + /* is supplied value meaningful ?*/ + if(interface->speed <= 0) + { + printf("Illegal value of %s interface bandwidth.\n", interface->name); + reject_config_and_exit(upstreamfile); + } + interface->is_upstream = TRUE; + interface->chain = "FORWARD"; + interface->idxprefix = "forw"; + push(interface, interfaces); + printf("Upstream interface %s: medium %s capacity %ld kbps\n", interface->name, medium, interface->speed); + } + } + done; /* ugly macro end */ + + /*-----------------------------------------------------------------*/ + printf("Parsing downstream interfaces list %s ...\n", downstreamfile); + /*-----------------------------------------------------------------*/ + parse(upstreamfile) + { + ptr = parse_datafile_line(_); + if(ptr) + { + create(interface, Interface); + interface->name = _; + interface->speed = (long long)atol(ptr); + /* is supplied value meaningful ?*/ + if(interface->speed <= 0) + { + printf("Illegal value of %s interface bandwidth.\n", interface->name); + reject_config_and_exit(downstreamfile); + } + interface->is_upstream = FALSE; + interface->chain = "POSTROUTING"; + interface->idxprefix = "post"; + push(interface, interfaces); + printf("Upstream interface %s: medium %s capacity %ld kbps\n", interface->name, medium, interface->speed); + } + } + done; /* ugly macro end */ + if(just_logs) { @@ -587,15 +618,20 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); } done; /* ugly macro end */ + + /*-----------------------------------------------------------------*/ printf("Parsing class defintion file %s ...\n", hosts); /*-----------------------------------------------------------------*/ parse_hosts(hosts); +/* + //this was pretty dumb idea anyway... if(just_networks) { analyse_topology("/usr/sbin/traceroute -n -m 10 -w 2 %s.%d"); exit(-1); } +*/ /*-----------------------------------------------------------------*/ puts("Resolving shared connections ..."); @@ -692,11 +728,11 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); exit(-1); } - sprintf(str,"%s qdisc del dev %s root 2>/dev/null",tc,lan); - safe_run(str); - - sprintf(str,"%s qdisc del dev %s root 2>/dev/null",tc,wan); - safe_run(str); + for_each(interface, interfaces) + { + sprintf(str,"%s qdisc del dev %s root 2>/dev/null", tc, interface->name); + safe_run(str); + } iptables_file=fopen(iptablesfile,"w"); iptables_save_line(iptablespreamble, FALSE); @@ -709,33 +745,11 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); if(qos_free_zone && *qos_free_zone!='0') /* this is currently supported only for IPv4 */ { - char *chain; - - sprintf(str,"-A FORWARD -d %s -o %s -j ACCEPT", qos_free_zone, wan); - iptables_save_line(str, FALSE); /* this is currently supported only for IPv4 */ - -/* - if(qos_proxy) + for_each(interface, interfaces) { - iptables_save_line(":post_noproxy - [0:0]", FALSE); - sprintf(str,"-A POSTROUTING ! -p tcp -o %s -j post_noproxy", lan); - iptables_save_line(str , FALSE); - sprintf(str,"-A POSTROUTING ! -s %s -o %s -j post_noproxy", proxy_ip, lan); + sprintf(str,"-A %s -s %s -o %s -j ACCEPT", interface->chain, qos_free_zone, interface->name); iptables_save_line(str, FALSE); - sprintf(str,"-A POSTROUTING -s %s -p tcp ! --sport %d -o %s -j post_noproxy", proxy_ip, proxy_port, lan); - iptables_save_line(str, FALSE); - - chain="post_noproxy"; } - - else - { -*/ - chain = "POSTROUTING"; -// } - - sprintf(str,"-A %s -s %s -o %s -j ACCEPT", chain, qos_free_zone, lan); - iptables_save_line(str, FALSE); } if(ip_count > idxtable_treshold1 && !just_flush) @@ -824,7 +838,7 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); sort(idx,idxs,order_by,bitmask); i=0; - for_each(idx,idxs) + for_each(idx, idxs) { if(idx->ipv6) { @@ -842,53 +856,36 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); sprintf(str,":forw_%s - [0:0]", idx->id); iptables_save_line(str, idx->ipv6); - if(idx->parent) - { - string(buf,strlen(idx->parent->id)+6); - sprintf(buf,"post_%s", idx->parent->id); - } - else + for_each(interface, interfaces) { - buf="POSTROUTING"; - } + if(idx->parent) + { + string(buf, strlen(idx->parent->id)+6); + sprintf(buf, "%s_%s", interface->idxprefix, idx->parent->id); + } + else + { + buf = interface->chain; + } - sprintf(str,"-A %s -d %s/%d -o %s -j post_%s", buf, subnet, idx->bitmask, lan, idx->id); - iptables_save_line(str, idx->ipv6); + sprintf(str,"-A %s -d %s/%d -o %s -j %s_%s", buf, subnet, idx->bitmask, interface->name, interface->idxprefix, idx->id); + iptables_save_line(str, idx->ipv6); - sprintf(str,"-A %s -d %s/%d -o %s -j post_common", buf, subnet, idx->bitmask, lan); - iptables_save_line(str, idx->ipv6); - - if(idx->parent) - { - string(buf,strlen(idx->parent->id)+6); - sprintf(buf,"forw_%s",idx->parent->id); - } - else - { - buf="FORWARD"; + sprintf(str,"-A %s -d %s/%d -o %s -j %s_common", buf, subnet, idx->bitmask, interface->name, interface->idxprefix); + iptables_save_line(str, idx->ipv6); } - - sprintf(str,"-A %s -s %s/%d -o %s -j forw_%s", buf, subnet, idx->bitmask, wan, idx->id); - iptables_save_line(str, idx->ipv6); - - sprintf(str,"-A %s -s %s/%d -o %s -j forw_common", buf, subnet, idx->bitmask, wan); - iptables_save_line(str, idx->ipv6); } printf("Total indexed iptables chains created: %d\n", i); - sprintf(str,"-A FORWARD -o %s -j forw_common", wan); - iptables_save_line(str, FALSE); - - sprintf(str,"-A POSTROUTING -o %s -j post_common", lan); - iptables_save_line(str, FALSE); - - if(ip6prefix) + for_each(interface, interfaces) { - sprintf(str,"-A FORWARD -o %s -j forw_common", wan); - iptables_save_line(str, TRUE); - - sprintf(str,"-A POSTROUTING -o %s -j post_common", lan); - iptables_save_line(str, TRUE); + sprintf(str,"-A %s -o %s -j %s_common", interface->chain, interface->name, interface->idxprefix); + iptables_save_line(str, FALSE); + if(ip6prefix) + { + sprintf(str,"-A %s -o %s -j %s_common", interface->chain, interface->name, interface->idxprefix); + iptables_save_line(str, TRUE); + } } } } @@ -908,32 +905,24 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); { if(!dry_run && !nodelay && qos_free_delay) { - printf("Flushed iptables and tc classes - now sleeping for %d seconds...\n",qos_free_delay); + printf("Flushed iptables and tc classes - now sleeping for %d seconds...\n", qos_free_delay); sleep(qos_free_delay); } - sprintf(str,"%s qdisc add dev %s root handle 1: htb r2q %d default 1", - tc,lan,htb_r2q); - safe_run(str); - - sprintf(str, "%s class add dev %s parent 1: classid 1:2 htb rate %s ceil %s burst %dk prio %d", - tc,lan,lan_medium,lan_medium,burst_main,highest_priority); - safe_run(str); - - sprintf(str, "%s class add dev %s parent 1:2 classid 1:1 htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d", - tc,lan,line,line,burst_main,highest_priority); - safe_run(str); - - sprintf(str,"%s qdisc add dev %s root handle 1: htb r2q %d default 1",tc,wan,htb_r2q); - safe_run(str); + for_each(interface, interfaces) + { + sprintf(str, "%s qdisc add dev %s root handle 1: htb r2q %d default 1", + tc, interface->name, htb_r2q); + safe_run(str); - sprintf(str, "%s class add dev %s parent 1: classid 1:2 htb rate %s ceil %s burst %dk prio %d", - tc,wan,wan_medium,wan_medium,burst_main,highest_priority); - safe_run(str); + sprintf(str, "%s class add dev %s parent 1: classid 1:2 htb rate %s ceil %s burst %dk prio %d", + tc, interface->name, medium, medium, burst_main, highest_priority); + safe_run(str); - sprintf(str, "%s class add dev %s parent 1:2 classid 1:1 htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d", - tc,wan,up,up,burst_main,highest_priority); - safe_run(str); + sprintf(str, "%s class add dev %s parent 1:2 classid 1:1 htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d", + tc, interface->name, interface->speed, interface->speed, burst_main, highest_priority); + safe_run(str); + } } /*-----------------------------------------------------------------*/ @@ -942,38 +931,32 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); sort(ip,ips,desc_order_by,traffic); /*-----------------------------------------------------------------*/ - /* sub-scope - local variables */ + for_each(interface, interfaces) { - long long int rate = line; - long long int max = line; + long long int rate = interface->speed; + long long int max = interface->speed; int group_count = 0; - FILE *credit_file = NULL; + //obsolete: FILE *credit_file = NULL; - if(!just_preview && !dry_run && enable_credit) - { - credit_file = fopen(credit,"w"); - } - + //obsolete: if(!just_preview && !dry_run && enable_credit) + //obsolete: { + //obsolete: credit_file = fopen(credit,"w"); + //obsolete: } + for_each(group,groups) { if(!just_preview) { - //download - sprintf(str,"%s class add dev %s parent 1:%d classid 1:%d htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d #down desired %d", - tc, lan, parent, group->id, rate, max, burst_group, highest_priority+1, group->desired); - safe_run(str); - - //upload - sprintf(str,"%s class add dev %s parent 1:%d classid 1:%d htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d #up desired %d", - tc, wan, parent, group->id, rate*up/line, max*up/line, burst_group, highest_priority+1, group->desired); + sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %Ldkbit ceil %Ldkbit burst %dk prio %d #down desired %d", + tc, interface->name, parent, group->id, rate, max, burst_group, highest_priority+1, group->desired); safe_run(str); } - + if(group_count++ < max_nesting) { parent = group->id; } - + rate -= digital_divide*group->min; if(rate < group->min) { @@ -981,6 +964,7 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); } /*shaping of aggresive downloaders, with credit file support */ + /* obsolete if(use_credit) { int group_rate = group->min, priority_sequence = lowest_priority; @@ -1028,12 +1012,13 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); } } } - } + } obsolete */ } + /* obsolete if(credit_file) { fclose(credit_file); - } + } obsolete */ } if(just_preview) @@ -1120,7 +1105,7 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); } else { - printf("Applying limit for %s (%s) ", ip->name, ip->addr); + printf("Updating %s (%s) ", ip->name, ip->addr); if(reduce_ceil) { ip->max = ip->min + (ip->desired-ip->min)/reduce_ceil; @@ -1130,24 +1115,37 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); ip->max = ip->min; } } - if(print_stats) + for_each(interface, interfaces) { - printf("(down: %dk-%dk wants %dk, ", ip->min, ip->max, ip->desired); + if(!interface->is_upstream) + { + if(print_stats) + { + printf("[down %s: %dk-%dk wants %d]", interface->name, ip->min, ip->max, ip->desired); + } + sprintf(str, "%s class change dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", + tc, interface->name, ip->group, ip->mark, ip->min, ip->max, burst, ip->prio); + safe_run(str); + } + else + { + if(print_stats) + { + printf("[up %s: %dk-%dk wants %dk]", interface->name, (int)((ip->min/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), + (int)((ip->desired/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), + (int)((ip->desired/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed)); + } + sprintf(str,"%s class change dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", + tc, interface->name, ip->group, ip->mark, + (int)((ip->min/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), + (int)((ip->max/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), burst, ip->prio); + safe_run(str); + } } - sprintf(str, "%s class change dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", - tc, lan, ip->group, ip->mark,ip->min,ip->max, burst, ip->prio); - safe_run(str); if(print_stats) { - printf("up: %dk-%dk wants %dk)\n", (int)((ip->min/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), - (int)((ip->desired/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), - (int)((ip->desired/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed)); + printf("\n"); } - sprintf(str,"%s class change dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", - tc, wan, ip->group, ip->mark, - (int)((ip->min/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), - (int)((ip->max/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), burst, ip->prio); - safe_run(str); } } } @@ -1214,266 +1212,172 @@ Credit: CZFree.Net, Martin Devera, Netdave, Aquarius, Gandalf\n\n",version); printf(" + generating iptables and tc classes ... "); /*-----------------------------------------------------------------*/ - for_each(ip, ips) if(ip->mark > 0) /* works only for IPv4 so far */ + for_each(ip, ips) if(ip->mark > 0) { - if(idxs) + for_each(interface, interfaces) { - char *buf; - duplicate(ip->addr,buf); - if(ip->v6) + char *chain; + if(idxs) { - buf=index6_id(ip->addr,64-idxtable_bitmask1); + char *buf; + duplicate(ip->addr,buf); + if(ip->v6) + { + buf=index6_id(ip->addr,64-idxtable_bitmask1); + } + else + { + buf=index_id(ip->addr,32-idxtable_bitmask1); + } + + string(chain, 6+strlen(buf)); + sprintf(chain, "%s_", interface->idxprefix); + strcat(chain, buf); + + free(buf); } else { - buf=index_id(ip->addr,32-idxtable_bitmask1); + chain = interface->chain; } - - string(chain_forward,6+strlen(buf)); - strcpy(chain_forward,"forw_"); - strcat(chain_forward,buf); - string(chain_postrouting,6+strlen(buf)); - strcpy(chain_postrouting,"post_"); - strcat(chain_postrouting,buf); - - free(buf); - } - else - { - chain_forward="FORWARD"; - chain_postrouting="POSTROUTING"; - } + /* packet limits - this will be optional in future */ + if(ip->pps_limit) + { + sprintf(limit_pkts, "-m limit --limit %d/s --limit-burst %d ", + ip->pps_limit, ip->pps_limit); + } + else + { + *limit_pkts = 0; + } - /* packet limits - this will be optional in future */ - if(ip->pps_limit) - { - sprintf(limit_pkts, "-m limit --limit %d/s --limit-burst %d ", - ip->pps_limit, ip->pps_limit); - } - else - { - *limit_pkts = 0; - } + #ifdef DEBUG + printf("%-22s %-16s %04d %d/s\n", ip->name, ip->addr, ip->mark, ip->pps_limit); + #endif -#ifdef DEBUG - printf("%-22s %-16s %04d %d/s\n", ip->name, ip->addr, ip->mark, ip->pps_limit); -#endif + /* ------------------------------------------------ iptables classify */ + sprintf(str, "-A %s -d %s/%d -o %s -j %s%d", + chain, ip->addr, ip->mask, + interface->name, mark_iptables, ip->mark); + iptables_save_line(str, ip->v6); - /* -------------------------------------------------------- mark download */ - sprintf(str, "-A %s -d %s/%d -o %s -j %s%d", - chain_postrouting, ip->addr, ip->mask, - lan, mark_iptables, ip->mark); - iptables_save_line(str, ip->v6); + sprintf(str, "-A %s -d %s/%d -o %s %s-j ACCEPT", + chain, ip->addr, ip->mask, interface->name, limit_pkts); + iptables_save_line(str, ip->v6); -/* - if(qos_proxy) - { - sprintf(str, "-A %s -s %s -p tcp --sport %d -d %s/%d -o %s -j %s%d", - chain_postrouting, proxy_ip, proxy_port, ip->addr, - ip->mask, lan, mark_iptables, ip->mark); + /* classify overlimit packets to separate overlimit class */ + sprintf(str, "-A %s -d %s/%d -o %s -j %s%d", + chain, ip->addr, ip->mask, + interface->name, mark_iptables, OVERLIMIT_CLASS); iptables_save_line(str, ip->v6); - } -*/ - sprintf(str, "-A %s -d %s/%d -o %s %s-j ACCEPT", - chain_postrouting, ip->addr, ip->mask, lan, limit_pkts); - iptables_save_line(str, ip->v6); - - /* classify overlimit packets to separate overlimit class */ - sprintf(str, "-A %s -d %s/%d -o %s -j %s%d", - chain_postrouting, ip->addr, ip->mask, - lan, mark_iptables, OVERLIMIT_CLASS); - iptables_save_line(str, ip->v6); - - sprintf(str, "-A %s -d %s/%d -o %s -j ACCEPT", - chain_postrouting, ip->addr, ip->mask, lan); - iptables_save_line(str, ip->v6); - - /* -------------------------------------------------------- mark upload */ - sprintf(str, "-A %s -s %s/%d -o %s -j %s%d", - chain_forward, ip->addr, ip->mask, wan, mark_iptables, ip->mark); - iptables_save_line(str, ip->v6); - - sprintf(str, "-A %s -s %s/%d -o %s %s-j ACCEPT", - chain_forward, ip->addr, ip->mask, wan, limit_pkts); - iptables_save_line(str, ip->v6); - - /* classify overlimit packets to separate overlimit class */ - sprintf(str, "-A %s -s %s/%d -o %s -j %s%d", - chain_forward, ip->addr, ip->mask, wan, mark_iptables, OVERLIMIT_CLASS); - iptables_save_line(str, ip->v6); - - sprintf(str, "-A %s -s %s/%d -o %s -j ACCEPT", - chain_forward, ip->addr, ip->mask, wan); - iptables_save_line(str, ip->v6); - - if(ip->min) - { - /* -------------------------------------------------------- download class */ -#ifdef DEBUG - printf("(down: %dk-%dk ", ip->min, ip->max); -#endif - sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", - tc, lan, ip->group, ip->mark, ip->min, ip->max, burst, ip->prio); - safe_run(str); + sprintf(str, "-A %s -d %s/%d -o %s -j ACCEPT", + chain, ip->addr, ip->mask, interface->name); + iptables_save_line(str, ip->v6); - if(strcmpi(ip->keyword->leaf_discipline, "none")) + if(ip->min) { - sprintf(str, "%s qdisc add dev %s parent 1:%d handle %d %s", - tc, lan, ip->mark, ip->mark, ip->keyword->leaf_discipline); /*qos_leaf*/ - safe_run(str); - } + //TODO - min and max should not exceed interface->speed + + /* -------------------------------------------------------- tc class */ + #ifdef DEBUG + printf("[down: %dk-%dk]", ip->min, ip->max); + #endif - if(filter_type == 1) - { - sprintf(str, "%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d", - tc, lan, ip->mark, ip->mark); + sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", + tc, interface->name, ip->group, ip->mark, ip->min, ip->max, burst, ip->prio); safe_run(str); - } - /* -------------------------------------------------------- upload class */ -#ifdef DEBUG - printf("up: %dk-%dk)\n", (int)((ip->min/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), - (int)((ip->max/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed)); -#endif - - sprintf(str,"%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", - tc, wan, ip->group, ip->mark, - (int)((ip->min/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), - (int)((ip->max/ip->keyword->asymetry_ratio)-ip->keyword->asymetry_fixed), burst, ip->prio); - safe_run(str); - - if(strcmpi(ip->keyword->leaf_discipline, "none")) - { - sprintf(str, "%s qdisc add dev %s parent 1:%d handle %d %s", - tc, wan, ip->mark, ip->mark, ip->keyword->leaf_discipline); /*qos_leaf*/ - safe_run(str); - } + if(strcmpi(ip->keyword->leaf_discipline, "none")) + { + sprintf(str, "%s qdisc add dev %s parent 1:%d handle %d %s", + tc, interface->name, ip->mark, ip->mark, ip->keyword->leaf_discipline); /*qos_leaf*/ + safe_run(str); + } - if(filter_type == 1) - { - sprintf(str, "%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d", - tc, wan, ip->mark, ip->mark); - safe_run(str); + if(filter_type == 1) + { + sprintf(str, "%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d", + tc, interface->name, ip->mark, ip->mark); + safe_run(str); + } } - - if(f > 0) + else { - fprintf(f, "%s %d\n", ip->addr, ip->mark); + #ifdef DEBUG + printf("(sharing %s)\n", ip->sharing); + #endif } + i++; } - else + if(ip->min && f > 0) { -#ifdef DEBUG - printf("(sharing %s)\n", ip->sharing); -#endif + fprintf(f, "%s %d\n", ip->addr, ip->mark); } - i++; } if(f > 0) { puts("done."); fclose(f); } - - if(idxs) - { - chain_forward = "forw_common"; - chain_postrouting = "post_common"; - } - else - { - chain_forward = "FORWARD"; - chain_postrouting = "POSTROUTING"; - } - if(free_min) + for_each(interface, interfaces) { - final_chain = "ACCEPT"; - } - -/* - if(qos_proxy) - { - if(free_min) + char *chain; + if(idxs) { - sprintf(str, "-A %s -s %s -p tcp --sport %d -o %s -j %s%d", - chain_postrouting,proxy_ip,proxy_port,lan,mark_iptables, 3); - iptables_save_line(str, FALSE); // only for IPv4 + string(chain, STRLEN); + sprintf(chain, "%s_common", interface->idxprefix); + } + else + { + chain = interface->chain; } - sprintf(str, "-A %s -s %s -p tcp --sport %d -o %s -j %s", - chain_postrouting,proxy_ip,proxy_port,lan,final_chain); - iptables_save_line(str, FALSE); // only for IPv4 - } -*/ - - if(free_min) - { - sprintf(str, "-A %s -o %s -j %s%d", - chain_postrouting, lan, mark_iptables, FREE_CLASS); - iptables_save_line(str, FALSE); /* only for IPv4 */ - } - sprintf(str,"-A %s -o %s -j %s", chain_postrouting, lan, final_chain); - iptables_save_line(str, FALSE); - if(ip6prefix) - { - sprintf(str,"-A %s -o %s -j %s", chain_postrouting, lan, final_chain); - iptables_save_line(str, TRUE); - } + if(free_min) + { + final_chain = "ACCEPT"; - if(free_min) - { - sprintf(str,"-A %s -o %s -j %s%d", chain_forward, wan, mark_iptables, FREE_CLASS); - iptables_save_line(str, FALSE); /* only for IPv4 */ - } + sprintf(str, "-A %s -o %s -j %s%d", + chain, interface->name, mark_iptables, FREE_CLASS); + iptables_save_line(str, FALSE); /* only for IPv4 */ + } - sprintf(str,"-A %s -o %s -j %s", chain_forward, wan, final_chain); - iptables_save_line(str, FALSE); - if(ip6prefix) - { - sprintf(str,"-A %s -o %s -j %s", chain_postrouting, lan, final_chain); - iptables_save_line(str, TRUE); - } + sprintf(str,"-A %s -o %s -j %s", chain, interface->name, final_chain); + iptables_save_line(str, FALSE); + if(ip6prefix) + { + sprintf(str,"-A %s -o %s -j %s", chain, interface->name, final_chain); + iptables_save_line(str, TRUE); + } - if(free_min) /* allocate free bandwith if it is not zero... */ - { + if(free_min) /* allocate free bandwith if it is not zero... */ + { /*-----------------------------------------------------------------*/ puts("Generating free bandwith class ..."); /*-----------------------------------------------------------------*/ sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", - tc, lan, parent, FREE_CLASS, free_min, free_max,burst, lowest_priority); - safe_run(str); - sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", - tc, wan, parent, FREE_CLASS, free_min, free_max, burst, lowest_priority); + tc, interface->name, parent, FREE_CLASS, free_min, free_max,burst, lowest_priority); safe_run(str); /* tc SFQ */ if(strcmpi(qos_leaf, "none")) { - sprintf(str,"%s qdisc add dev %s parent 1:%d handle %d %s", tc, lan, FREE_CLASS, FREE_CLASS, qos_leaf); - safe_run(str); - - sprintf(str,"%s qdisc add dev %s parent 1:%d handle %d %s", tc, wan, FREE_CLASS, FREE_CLASS, qos_leaf); + sprintf(str,"%s qdisc add dev %s parent 1:%d handle %d %s", tc, interface->name, FREE_CLASS, FREE_CLASS, qos_leaf); safe_run(str); } /* tc handle 1 fw flowid */ - sprintf(str,"%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d", tc, lan, FREE_CLASS, FREE_CLASS); - safe_run(str); - - sprintf(str,"%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d", tc, wan, FREE_CLASS, FREE_CLASS); + sprintf(str,"%s filter add dev %s parent 1:0 protocol ip handle %d fw flowid 1:%d", tc, interface->name, FREE_CLASS, FREE_CLASS); safe_run(str); /*-----------------------------------------------------------------*/ puts("Generating bandwith class for overlimit packets..."); /*-----------------------------------------------------------------*/ sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", - tc, lan, parent, OVERLIMIT_CLASS, overlimit_min, overlimit_max, burst, lowest_priority); - safe_run(str); - sprintf(str, "%s class add dev %s parent 1:%d classid 1:%d htb rate %dkbit ceil %dkbit burst %dk prio %d", - tc, wan, parent, OVERLIMIT_CLASS, overlimit_min, overlimit_max, burst, lowest_priority); + tc, interface->name, parent, OVERLIMIT_CLASS, overlimit_min, overlimit_max, burst, lowest_priority); safe_run(str); - } + } + } printf("Total IP count: %d\n", i); run_iptables_restore(); if(log_file) -- 2.30.2