Hi all:
Current shorewall only support one level flat htb queue. Here it is a patch to
make htb support multiple level htb tree. It is based on shorewall shell. I
changed the format of tcclasses configure file.
eg. configure file
#INTERFACE MARK PARENT RATE CEIL PRIORITY
OPTIONS
eth2 0 - full full 3
default
eth2 T1 - full full 1
eth2 T10 T1 full/2 full/2 1
eth2 11 T1 full/2 full/2 1
eth2 T12 T1 full/2 full/2 1
eth2 101 T10 full/3 full/3 1
eth2 102 T10 full/3 full/3 1
eth2 121 T12 full/3 full/3 1
eth2 122 T12 full/3 full/3 1
will generate a tree like:
root 1:0
|
_1:1_
/ | \
/ | \
/ | \
10: 11: 12:
/ \ / \
10:1 10:2 12:1 12:2
The mark begin with a T is a tree node, following number is its tree id.
The mark witch is a number is fwmark, has the same meaning as before.
Parent is a column I added witch specifies the parent of the node, and '-'
means root. It must be a tree id witch is defined before it or a '-'.
#! /bin/sh /usr/share/dpatch/dpatch-run
## 60.tctree.dpatch by <[EMAIL PROTECTED]>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.
@DPATCH@
diff -urNad shorewall-shell-4.0.6~/lib.tc shorewall-shell-4.0.6/lib.tc
--- shorewall-shell-4.0.6~/lib.tc 2007-11-29 21:28:19.000000000 +0800
+++ shorewall-shell-4.0.6/lib.tc 2007-11-29 21:30:06.000000000 +0800
@@ -102,12 +102,12 @@
}
get_defmark_for_dev() {
- local searchdev searchmark device ceil prio options
+ local searchdev searchmark device parent ceil prio options
searchdev=$1
- while read device mark rate ceil prio options; do
+ while read device mark parent rate ceil prio options; do
options=$(separate_list $options | tr '[A-Z]' '[a-z]')
- tcdev="$device $mark $rate $ceil $prio $options"
+ tcdev="$device $mark $parent $rate $ceil $prio $options"
if [ "$searchdev" = "$device" ] ; then
list_search "default" $options && echo $mark &&return 0
fi
@@ -140,10 +140,10 @@
validate_tcclasses_file() {
progress_message2 "Validating $classfile..."
- local classlist device mark rate ceil prio bandw wrongopt allopts opt
+ local classlist classtree device mark rate ceil prio bandw wrongopt
allopts opt
allopts=""
- while read device mark rate ceil prio options; do
- tcdev="$device $mark $rate $ceil $prio $options"
+ while read device mark parent rate ceil prio options; do
+ tcdev="$device $mark $parent $rate $ceil $prio $options"
ratew=$(get_outband_for_dev $device)
options=$(separate_list $options | tr '[A-Z]' '[a-z]')
for opt in $options; do
@@ -159,14 +159,30 @@
if [ -z "$ratew" ] ; then
fatal_error "device $device seems not to be configured in
tcdevices"
fi
- list_search "$device-$mark" $classlist && fatal_error "Mark $mark
for interface $device defined more than once in tcclasses"
- #
- # Convert HEX/OCTAL mark representation to decimal
- #
- mark=$(($mark))
- verify_mark $mark
- [ $mark -lt 256 ] || fatal_error "Invalid Mark Value"
- classlist="$classlist $device-$mark"
+
+ # Check parent
+ if [ x$parent != x- ] ; then
+ list_search "$device-$parent" $classtree || fatal_error "Tree
$mark for interface $device does not exist in tcclasses"
+ fi
+
+ case $mark in
+ T*)
+ # This class is a tree node
+ list_search "$device-$mark" $classtree && fatal_error "Tree
$mark for interface $device defined more than once in tcclasses"
+ classtree="$classtree $device-$mark"
+ ;;
+ *)
+ # This class is a leaf node
+ list_search "$device-$mark" $classlist && fatal_error "Mark
$mark for interface $device defined more than once in tcclasses"
+ #
+ # Convert HEX/OCTAL mark representation to decimal
+ #
+ mark=$(($mark))
+ verify_mark $mark
+ [ $mark -lt 256 ] || fatal_error "Invalid Mark Value"
+ classlist="$classlist $device-$mark"
+ ;;
+ esac
done < $TMP_DIR/tcclasses
}
@@ -234,11 +250,28 @@
;;
esac
+ tree=0
+ case $mark in
+ T*)
+ tree=1
+ ;;
+ esac
+
eval devnum=\$${dev}_devnum
#
# Convert HEX/OCTAL mark representation to decimal
#
- mark=$(($mark))
+ if [ $tree = 0 ] ; then
+ mark=$(($mark))
+ else
+ mark=$((${mark/T/}+256))
+ fi
+
+ if [ x$parent = x- ] ; then
+ parent="$devnum:1"
+ else
+ parent=$devnum:${prefix}$((${parent/T/}+256))
+ fi
classid=$devnum:${prefix}${mark}
@@ -247,38 +280,40 @@
quantum=$(calculate_quantum $rate)
save_command "[ \$${dev}_mtu -gt $quantum ] && quantum=\$${dev}_mtu ||
quantum=$quantum"
- run_tc "class add dev $device parent $devnum:1 classid $classid htb
rate $rate ceil $ceil prio $prio mtu \$${dev}_mtu quantum \$quantum"
+ run_tc "class add dev $device parent $parent classid $classid htb rate
$rate ceil $ceil prio $prio mtu \$${dev}_mtu quantum \$quantum"
- run_tc qdisc add dev $device parent $classid handle ${prefix}${mark}:
sfq perturb 10
- #
- # add filters
- #
- if [ -n "$CLASSIFY_TARGET" ] && known_interface $device; then
- run_iptables -t mangle -A tcpost -o $device -m mark --mark
$mark/0xFF -j CLASSIFY --set-class $classid
- else
- run_tc filter add dev $device protocol ip parent $devnum:0 prio 1
handle $mark fw classid $classid
- fi
- #
- #options
- #
- list_search "tcp-ack" $options && run_tc filter add dev $device parent
$devnum:0 protocol ip prio 10 u32 match ip protocol 6 0xff match u8 0x05 0x0f
at 0 match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid $classid
- list_search "tos-minimize-delay" $options && options="$options
tos=0x10/0x10"
- list_search "tos-maximize-throughput" $options && options="$options
tos=0x08/0x08"
- list_search "tos-maximize-reliability" $options && options="$options
tos=0x04/0x04"
- list_search "tos-minimize-cost" $options && options="$options
tos=0x02/0x02"
- list_search "tos-normal-service" $options && options="$options
tos=0x00/0x1e"
+ if [ $tree = 0 ] ; then
+ run_tc qdisc add dev $device parent $classid handle
${prefix}${mark}: sfq perturb 10
+ #
+ # add filters
+ #
+ if [ -n "$CLASSIFY_TARGET" ] && known_interface $device; then
+ run_iptables -t mangle -A tcpost -o $device -m mark --mark
$mark/0xFF -j CLASSIFY --set-class $classid
+ else
+ run_tc filter add dev $device protocol ip parent $devnum:0 prio
1 handle $mark fw classid $classid
+ fi
+ #
+ #options
+ #
+ list_search "tcp-ack" $options && run_tc filter add dev $device
parent $devnum:0 protocol ip prio 10 u32 match ip protocol 6 0xff match u8 0x05
0x0f at 0 match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid $classid
+ list_search "tos-minimize-delay" $options &&
options="$options tos=0x10/0x10"
+ list_search "tos-maximize-throughput" $options &&
options="$options tos=0x08/0x08"
+ list_search "tos-maximize-reliability" $options &&
options="$options tos=0x04/0x04"
+ list_search "tos-minimize-cost" $options &&
options="$options tos=0x02/0x02"
+ list_search "tos-normal-service" $options &&
options="$options tos=0x00/0x1e"
- for tospair in $(list_walk "tos=" $options) ; do
- case $tospair in
- */*)
+ for tospair in $(list_walk "tos=" $options) ; do
+ case $tospair in
+ */*)
tosmask=${tospair##*/}
;;
*)
tosmask=0xff
;;
- esac
- run_tc filter add dev $device parent $devnum:0 protocol ip prio 10
u32 match ip tos ${tospair%%/*} $tosmask flowid $classid
- done
+ esac
+ run_tc filter add dev $device parent $devnum:0 protocol ip prio
10 u32 match ip tos ${tospair%%/*} $tosmask flowid $classid
+ done
+ fi
save_progress_message_short " TC Class $tcdev defined."
@@ -322,8 +357,8 @@
last_device=
- while read device mark rate ceil prio options; do
- tcdev="$device $mark $rate $ceil $prio $options"
+ while read device mark parent rate ceil prio options; do
+ tcdev="$device $mark $parent $rate $ceil $prio $options"
options=$(separate_list $options | tr '[A-Z]' '[a-z]')
dev=$(chain_base $device)
-------------------------------------------------------------------------
SF.Net email is sponsored by: The Future of Linux Business White Paper
from Novell. From the desktop to the data center, Linux is going
mainstream. Let it simplify your IT future.
http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
