File: example.2.conf.ipq

package info (click to toggle)
shaperd 0.2.1-5.2
  • links: PTS
  • area: main
  • in suites: lenny, squeeze, wheezy
  • size: 280 kB
  • ctags: 320
  • sloc: cpp: 3,494; sh: 105; makefile: 82; ansic: 35
file content (75 lines) | stat: -rw-r--r-- 2,454 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
 
# example.2.conf.ipq : priority-based shaping (for 2.4 kernels)
#
# send a SIGHUP to reload this file with the command killall -HUP shaperd

# this is an "internal" log level (all logs are sent with facility daemon, 
# priority info; see the syslog manpage for more information).
# valid levels are:
# alert   (1)
# error   (2)
# warning (3)
# info    (4)
# debug1  (5)
# debug2  (6)
# log levels beggining from warning (3) will log unmatched packets
log level = info

# this is a required option. note that shaperd must have been built with
# the correct forwarding mechanism(s) in order for these to work
# see the README for further details
packet forwarding = ipq

# this is useful for debugging
# shaperd will run detached if set to "yes"
daemon = yes

# full path to shaperd's pidfile
# it will be generated in daemon mode only
pidfile = /var/run/shaperd.pid

class from_A {
	bandwidth = 100 kbyte/s

	# shape every telnet/ssh packet coming from A's net (client)
	# note: you can also use real (dns) host names instead of ip addresses
	ipv4 classifier prio=1 proto=tcp \
		inp_if=eth1 saddr=192.168.1.0/255.255.255.0 \
		out_if=eth0 daddr=192.168.0.0/255.255.255.0 dport=telnet,ssh

	# we'll also give high priority to icmp packets (to measure rtt)
	ipv4 classifier prio=1 proto=icmp \
		inp_if=eth1 saddr=192.168.1.0/255.255.255.0 \
		out_if=eth0 daddr=192.168.0.0/255.255.255.0

	# finally, shape the rest of the bits
	ipv4 classifier prio=0 \
		inp_if=eth1 saddr=192.168.1.0/255.255.255.0 \
		out_if=eth0 daddr=192.168.0.0/255.255.255.0

	# netfilter has the ability for forward just the pckts' headers, so
	# only the packet limit makes sense under 2.4
	queue limits = 0 kb 100 packets
}

class from_C {
	bandwidth = 100 kbyte/s

	# shape every telnet/ssh packet coming from C's net (server)
	ipv4 classifier prio=1 proto=tcp \
		inp_if=eth0 saddr=192.168.0.0/255.255.255.0 sport=telnet,ssh \
		out_if=eth1 daddr=192.168.1.0/255.255.255.0

	# we'll also give high priority to icmp packets (to measure rtt)
	ipv4 classifier prio=1 proto=icmp \
		inp_if=eth0 saddr=192.168.0.0/255.255.255.0 \
		out_if=eth1 daddr=192.168.1.0/255.255.255.0

	# shape the rest of the bits :-)
	ipv4 classifier prio=0 \
		inp_if=eth0 saddr=192.168.0.0/255.255.255.0 \
		out_if=eth1 daddr=192.168.1.0/255.255.255.0

	# netfilter has the ability for forward just the pckts' headers, so
	# only the packet limit makes sense under 2.4
	queue limits = 0 kb 100 packets
}