{"id":35,"date":"2014-04-06T14:15:05","date_gmt":"2014-04-06T06:15:05","guid":{"rendered":"http:\/\/blog.qiaogen.com\/?p=35"},"modified":"2014-04-06T14:15:05","modified_gmt":"2014-04-06T06:15:05","slug":"qos-%e5%b0%8f%e5%8c%85%e4%bc%98%e5%85%88web%e4%bc%98%e5%85%88ip%e9%99%90%e9%80%9f%e8%bf%9e%e6%8e%a5%e6%95%b0%e9%99%90%e5%88%b6-%e7%9a%84%e8%84%9a%e6%9c%ac","status":"publish","type":"post","link":"https:\/\/www.sangqiao.com\/blog\/archives\/35","title":{"rendered":"[QoS] \u5c0f\u5305\u4f18\u5148+WEB\u4f18\u5148+IP\u9650\u901f+\u8fde\u63a5\u6570\u9650\u5236 \u7684\u811a\u672c"},"content":{"rendered":"\n\n\n
\u672c\u5e16\u6700\u540e\u7531 zhoutao0712 \u4e8e 2010-1-5 21:37 \u7f16\u8f91<\/p>\n

\u5b66\u4e60iptables\u6709\u4e00\u6bb5\u65f6\u95f4\uff0c\u73b0\u5728\u5199\u4e00\u4e2a\u811a\u672c\u68c0\u9a8c\u4e00\u4e0b\u6210\u679c\u3002\u8fd9\u662f\u4e00\u4e2a\u66f4\u52a0\u4e2a\u6027\u5316QOS\u8bbe\u7f6e\u3002
\n\u5fc3\u5f97:\u6700\u597d\u7684\u65b9\u6cd5\u662f\u770b\u522b\u4eba\u7684\u811a\u672c\uff0c\u9ad8\u624b\u7684\u811a\u672c\u662f\u600e\u4e48\u5199\u7684\u3002Dualwan\u4e2d3\u79cdQOS\u7684\u811a\u672c\u90fd\u5f88\u6709\u6c34\u5e73\u3002<\/p>\n

\u811a\u672c\u6d4b\u8bd5\u73af\u5883\u662f\u4e00\u67612MADSL,\u7248\u672c\u662fdualwan\u00a01.23.0432\uff0c\u5173\u95ed\u6240\u6709\u5176\u5b83QOS\uff0c\u628a\u811a\u672c\u4fdd\u5b58\u5230\u00a0\u9632\u706b\u5899\u811a\u672c \u4e2d\uff0c\u91cd\u8d77\u8def\u7531\u5c31OK\u3002
\n\u8be5\u811a\u672c\u4e0d\u5b9a\u4e49\u7279\u5b9a\u63a5\u53e3\uff0c\u91c7\u7528IMQ\uff08\u4e2d\u4ecb\u961f\u5217\uff09\uff0c\u76f4\u63a5\u628a\u6e90\u5730\u5740\u548c\u76ee\u7684\u5730\u5740\u4e3a192.168.1.0\/24\u7684\u6570\u636e\u5305\u5206\u522b\u9001\u8fdbimq1\u548cimq0\u865a\u62df\u63a5\u53e3\u3002
\nimq0\u63a7\u5236\u4e0b\u8f7d\uff0cimq1\u63a7\u5236\u4e0a\u4f20\u3002
\n\u5728\u5c0f\u533a\u5bbd\u5e26\u5e94\u8be5\u4e5f\u53ef\u4ee5\u4f7f\u7528\u3002\u672a\u5728DD-WRT\u4e0a\u6d4b\u8bd5\uff0c\u5e94\u8be5\u4e5f\u80fd\u4f7f\u7528\u3002
\n\u6b63\u5e38\u7f51\u9875\u6d4f\u89c8\u548cp2p\u8f6f\u4ef6\u5192\u7528\u752880\u7aef\u53e3\u4e5f\u4f5c\u4e86\u533a\u5206\u3002\u5224\u5b9a\u903b\u8f91\u662f\uff1a\u4e00\u4e2a\u8fde\u63a5\u4f20\u8f93\u6570\u636e\u5728200kB\u4ee5\u4e0b\u662f\u7f51\u9875\u6d4f\u89c8\uff0c\u6570\u636e\u5305\u653e\u8fdb\u9ad8\u4f18\u5148\u961f\u5217\u3002
\n\u8d85\u8fc7\u540e\u5224\u5b9a\u4e3aP2P\u8f6f\u4ef6\u5192\u7528\uff0c\u540e\u7eed\u6570\u636e\u5305\u653e\u8fdb\u4f4e\u4f18\u5148\u7ea7\u961f\u5217\u3002\uff08\u811a\u672c\u4e2d204800\u4ee3\u8868200KB\uff09
\n\u6570\u636e\u5305\u5206\u7c7b\u903b\u8f91\u662f\uff1a\u5148 \u5c0f\u5305\u5206\u7c7b\u2192\u7f51\u9875\u6d4f\u89c8\u5206\u7c7b\u2192p2p\u8f6f\u4ef6\u5192\u752880\u7aef\u53e3\u2192IP\u5730\u5740\u5206\u7c7b\u3002
\n\u5e76\u4e14\u6bcf\u4e2a\u6570\u636e\u5305\u90fd\u53ea\u5c5e\u4e8e\u4e00\u79cd\u5206\u7c7b\u3002\u6bd4\u5982\u8bf4\uff0c\u4e00\u4e2atcp\u5c0f\u5305\uff0c\u5373\u4f7f\u5176\u6e90IP\u5730\u5740\u662f192.168.1.2\uff0c\u5e76\u4e14\u76ee\u7684\u7aef\u53e3\u662f80\uff0c
\n\u4e5f\u53ea\u4f1a\u5c5e\u4e8e\u5c0f\u5305\u5206\u7c7b\u3002
\n\u5206\u7c7b\u7684\u4f18\u5148\u7ea7\uff1a\u5c0f\u5305\u5206\u7c7b=\u7f51\u9875\u6d4f\u89c8(prio 0)\u00a0\u00a0> IP\u5730\u5740\u5206\u7c7b (prio 2) > p2p\u8f6f\u4ef6\u5192\u752880\u7aef\u53e3(prio 7)<\/p>\n

\u53d8\u91cf\u89e3\u91ca:
\nUP\uff0cDOWN\u5206\u522b\u662f\u4e0a\u4f20\u548c\u4e0b\u8f7d\u603b\u5e26\u5bbd\u3002
\nUP2R\uff0cUP2C\uff0cUP3R\uff0cUP3C\uff0cDOWN2R\uff0cDOWN2C\uff0cDOWN3R\uff0cDOWN3C
\n2\u662f\u5c0f\u5305\u548c\u7f51\u9875\u6d4f\u89c8\u7684\u5206\u7c7b\u961f\u5217\u7f16\u53f7\uff0c3\u662fp2p\u8f6f\u4ef6\u5192\u752880\u7aef\u53e3\u7684\u5206\u7c7b\u961f\u5217\u7f16\u53f7\u3002UP\u548cDOWN\u5206\u522b\u4ee3\u8868\u4e0a\u884c\u548c\u4e0b\u8f7d\u3002
\nR\u4ee3\u8868rate\uff08\u4fdd\u8bc1\u901f\u7387\uff09\uff0cC\u4ee3\u8868ceil\uff08\u6700\u5927\u901f\u7387\uff09\u3002
\nUPLOADR\uff0cUPLOADC\uff0cDOWNLOADC\uff0cDOWNLOADR\u4ee3\u8868\u5355\u673a\u901f\u7387\u76844\u4e2a\u53c2\u6570\u3002
\nUIP\u662f\u5185\u7f51\u7528\u6237IP\u524d\u7f00\uff0cNET\u4ee3\u8868\u5185\u7f51\u7f51\u6bb5\u3002
\nUPSP=”:128 ” \u4e0a\u4f20\u6570\u636e\u5305\u4e2d\u5927\u5c0f\u57280—-128\u7684\u6570\u636e\u5305\u3002\uff08\u5c0f\u5305\uff0csmall packets)
\nDOWNSP=”:512″ \u540c\u4e0a\u3002
\nIPS=”2″\uff0c\u5f00\u59cbIP\u5730\u5740192.168.1.2
\nIPE=”8″\uff0c\u7ed3\u675fIP\u5730\u5740192.168.1.8<\/p>\n

\u7531\u4e8e\u6bcf\u4e2a\u4eba\u7684\u60c5\u51b5\u4e0d\u540c\uff0c\u53c2\u6570\u9700\u8981\u81ea\u5df1\u505a\u4e00\u4e9b\u8c03\u6574\u3002
\n\u5efa\u8bae\uff1a
\n1.\u603b\u5e26\u5bbd\u6700\u597d\u8bbe\u5c0f\u70b9\uff0c\u4ee5\u4fdd\u8bc1\u66f4\u597d\u7684\u7f51\u7edc\u5ef6\u8fdf\u3002
\n\u6bd4\u59822MADSL\u5b9e\u9645\u4e0b\u8f7d\u53ef\u8fbe205KB\/S\u6211\u8bbe180KB\/S\u3002\uff08\u5728linux\u4e2dbps=KB\/S\uff09
\n2.\u539f\u5219\u4e0a\uff0c\u6240\u6709\u5206\u7c7b\u7684rate\u4e4b\u548c\u5c0f\u4e8e\u603brate\uff0c \u5373IP\u6570*UPLOADR+UP2R+UP3R<=UP\uff0cIP\u6570*DOWNLOADR+DOWN2R+DOWN2R<=DOWN
\n3.UP2R\u548cDOWN2R\u5927\u7ea6\u4e3a\u603b\u5e26\u5bbd1\/3\u3002\u53ef\u4ee5\u81ea\u5df1\u5c1d\u8bd5\u8c03\u6574\u3002
\n4.\u4fee\u6539\u53d8\u91cf\u65f6\u5019\u6ce8\u610f\u5f15\u53f7\uff0c\u9017\u53f7\u662f\u82f1\u6587\u7684\uff0c\u7a7a\u683c\u4e0d\u8981\u4e71\u52a0\uff0c\u4e00\u65e6\u9519\u8bef\u5c06\u5bfc\u81f4\u811a\u672c\u65e0\u6cd5\u8fd0\u884c\u3002
\n5.\u6700\u540e\u7684\u8fde\u63a5\u6570\u9650\u5236\u4e3aTCP 50\uff0cUDP 80\u3002\u53ef\u81ea\u884c\u4fee\u6539\u3002
\n\u4f8b\u5916\u7aef\u53e3\u53ef\u4ee5\u6dfb\u52a0\u3002\u53ef\u4ee5\u5c06\u4e00\u4e9b\u6e38\u620f\u7aef\u53e3\u6dfb\u52a0\u8fdb\u53bb\u3002
\n\u6bd4\u5982\u9700\u8981\u4f8b\u5916UDP 53\uff0c100—200\uff0c3777\uff0c14555-14559
\n\u5c06
\niptables -t mangle -I LMT -s 192.168.1.0\/24 -p udp -m mport –dports 53 -j RETURN
\n\u6539\u6210
\niptables -t mangle -I LMT -s 192.168.1.0\/24 -p udp -m mport –dports 53,100:200,3777,14555:14559 -j RETURN
\n\u5c31OK\u4e86\u3002
\n\u6b22\u8fce\u5404\u4f4d\u6d4b\u8bd5\"\"\u00a0\"\"\u00a0\"\"\u00a0\"\"<\/p>\n

#!\/bin\/sh
\n#\u53d8\u91cf\u521d\u59cb\u5316
\nUP=”40kbps”
\nDOWN=”180kbps”
\nUP2R=”14kbps”
\nUP2C=”20kbps”
\nUP3R=”1kbps”
\nUP3C=”10kbps”
\nDOWN2R=”60kbps”
\nDOWN2C=”150kbps”
\nDOWN3R=”10kbps”
\nDOWN3C=”80kbps”
\nUPLOADR=”1kbps”
\nDOWNLOADR=”10kbps”
\nUPLOADC=”6kbps”
\nDOWNLOADC=”80kbps”
\nUIP=”192.168.1.”
\nNET=”192.168.1.0\/24″
\nUPSP=:128
\nDOWNSP=:512
\nIPS=”2″
\nIPE=”8″<\/p>\n

#\u88c5\u8f7d\u6838\u5fc3\u6a21\u5757,\u521b\u5efaQOS\u4e13\u7528\u94fe
\ninsmod imq
\ninsmod ipt_IMQ
\nifconfig imq1 up
\nifconfig imq0 up
\ninsmod ipt_length.o
\niptables -t mangle -N QOSDOWN
\niptables -t mangle -N QOSUP
\niptables -t mangle -I FORWARD -d $NET -j QOSDOWN
\niptables -t mangle -I FORWARD -s $NET -j QOSUP
\niptables -t mangle -A QOSDOWN -j IMQ –todev 0
\niptables -t mangle -A QOSUP -j IMQ –todev 1<\/p>\n

#\u6839\u961f\u5217\u521d\u59cb\u5316
\ntc qdisc del dev imq0 root
\ntc qdisc del dev imq1 root
\ntc qdisc add dev imq0 root handle 1: htb
\ntc qdisc add dev imq1 root handle 1: htb
\ntc class add dev imq1 parent 1: classid 1:1 htb rate $UP
\ntc class add dev imq0 parent 1: classid 1:1 htb rate $DOWN<\/p>\n

#\u7279\u6b8a\u961f\u5217(\u5c0f\u5305,http)\u521d\u59cb\u5316
\ntc class add dev imq0 parent 1:1 classid 1:2 htb rate $DOWN2R ceil $DOWN2C prio 0
\ntc class add dev imq0 parent 1:1 classid 1:3 htb rate $DOWN3R ceil $DOWN2C prio 7
\ntc filter add dev imq0 parent 1:0 protocol ip handle 2 fw flowid 1:2
\ntc filter add dev imq0 parent 1:0 protocol ip handle 3 fw flowid 1:3
\niptables -t mangle -A QOSDOWN -j BCOUNT
\niptables -t mangle -A QOSDOWN -m length –length $DOWNSP -j MARK –set-mark-return 2
\niptables -t mangle -A QOSDOWN -p tcp -m mport –sports 80,443 -m bcount –range :204800 -j MARK –set-mark-return 2
\niptables -t mangle -A QOSDOWN -p tcp -m mport –sports 80,443 -m bcount –range 204801: -j MARK –set-mark-return 3
\ntc class add dev imq1 parent 1:1 classid 1:2 htb rate $UP2R ceil $UP2C prio 0
\ntc class add dev imq1 parent 1:1 classid 1:3 htb rate $UP3R ceil $UP3C prio 7
\ntc filter add dev imq1 parent 1:0 protocol ip handle 2 fw flowid 1:2
\ntc filter add dev imq1 parent 1:0 protocol ip handle 3 fw flowid 1:3
\niptables -t mangle -A QOSUP -j BCOUNT
\niptables -t mangle -A QOSUP -m length –length :128 -j MARK –set-mark-return 2
\niptables -t mangle -A QOSUP -p tcp -m mport –dports 80,443 -m bcount –range :204800 -j MARK –set-mark-return 2
\niptables -t mangle -A QOSUP -p tcp -m mport –dports 80,443 -m bcount –range :204801 -j MARK –set-mark-return 3<\/p>\n

#\u7279\u6b8aIP\u9650\u901f\uff08\u672a\u7ed9\u51fa\uff09<\/p>\n

#\u6240\u6709\u666e\u901aIP\u5355\u72ec\u9650\u901f
\ni=$IPS;
\nwhile [ $i -le $IPE ]
\ndo
\ntc class add dev imq1 parent 1:1 classid 1:1$i htb rate $UPLOADR ceil $UPLOADC prio 2
\ntc qdisc add dev imq1 parent 1:1$i handle 1$i: sfq perturb 15
\ntc filter add dev imq1 parent 1:0 protocol ip handle 1$i fw classid 1:1$i
\ntc class add dev imq0 parent 1:1 classid 1:1$i htb rate $DOWNLOADR ceil $DOWNLOADC prio 2
\ntc qdisc add dev imq0 parent 1:1$i handle 1$i: sfq perturb 15
\ntc filter add dev imq0 parent 1:0 protocol ip handle 1$i fw classid 1:1$i
\niptables -t mangle -A QOSUP -s $UIP$i -j MARK –set-mark-return 1$i
\niptables -t mangle -A QOSDOWN -d $UIP$i -j MARK –set-mark-return 1$i
\ni=`expr $i + 1`
\ndone<\/p>\n

#\u6bcfIP\u9650\u5236TCP\u8fde\u63a5\u657050\uff0cUDP\u8fde\u63a5\u657080\uff0c\u5e76\u4e14\u5bf953,80\u7b49\u7aef\u53e3\u4f8b\u5916\uff08\u8be5\u6a21\u5757\u53ef\u4ee5\u5355\u72ec\u4f7f\u7528\uff09
\niptables -t mangle -N LMT
\niptables -t mangle -I PREROUTING -i br0 -j LMT
\niptables -t mangle -A LMT -p tcp –syn -m connlimit –connlimit-above 50 –connlimit-mask 32 -j DROP
\niptables -t mangle -A LMT -p udp -m udplimit –udplimit-above 80 –udplimit-mask 32 -j DROP
\niptables -t mangle -I LMT -s 192.168.1.0\/24 -p udp -m mport –dports 53 -j RETURN
\niptables -t mangle -I LMT -s 192.168.1.0\/24 -p tcp -m mport –dports 20:23,25,53,80,110,443 -j RETURN<\/p>\n

 <\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

\u539f\u6587\uff1a\u00a0http:\/\/bbs.dualwan.cn\/thread-12192-1-1.html<\/p>\n","protected":false},"excerpt":{"rendered":"

\u672c\u5e16\u6700\u540e\u7531 zhoutao0712 \u4e8e 2010-1-5 21:37 \u7f16\u8f91 \u5b66\u4e60iptables\u6709\u4e00\u6bb5\u65f6\u95f4\uff0c\u73b0 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.sangqiao.com\/blog\/wp-json\/wp\/v2\/posts\/35"}],"collection":[{"href":"https:\/\/www.sangqiao.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sangqiao.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sangqiao.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sangqiao.com\/blog\/wp-json\/wp\/v2\/comments?post=35"}],"version-history":[{"count":1,"href":"https:\/\/www.sangqiao.com\/blog\/wp-json\/wp\/v2\/posts\/35\/revisions"}],"predecessor-version":[{"id":36,"href":"https:\/\/www.sangqiao.com\/blog\/wp-json\/wp\/v2\/posts\/35\/revisions\/36"}],"wp:attachment":[{"href":"https:\/\/www.sangqiao.com\/blog\/wp-json\/wp\/v2\/media?parent=35"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sangqiao.com\/blog\/wp-json\/wp\/v2\/categories?post=35"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sangqiao.com\/blog\/wp-json\/wp\/v2\/tags?post=35"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}