[General] Traffic Shaper script that actually works! in VOIP Tech Chat http://www.dslreports.com/forum/r13423584 en Wed, 02 Dec 2009 15:12:50 EDT Wed, 02 Dec 2009 15:12:50 EDT Re: [General] Traffic Shaper script that actually http://www.dslreports.com/forum/remark,13424103 dleaberr : Good job. I love using linux for my firewall router. A long time search shows a thread where some of the details are discussed along with a few other script versions.

»[BroadVoice] Linux VOIP Router QOS script
Disclaimer: I am Daniel Leaberry

I still think the best way is to study a few of these scripts and then customize them to fit your particular situation. I use shorewall so I don't need specific iptables commands. Others use just iptables so it's fitting to have the commands.]]> http://www.dslreports.com/forum/remark,13424103 Mon, 16 May 2005 21:48:20 EDT [General] Traffic Shaper script that actually works! http://www.dslreports.com/forum/remark,13423584 scamiran : Hi all.
EDIT: This is for linux. It uses iptables and tc, so a recent-ish (2.4+) linux.
2nd EDIT: I've attached the file. Word wrap messes it up.

I'm kind of a noob at this thing, and really shouldn't take any credit for this, as it is all other peoples work, but I'll try and take credit for posting it here. I didn't find it in searches (on this board), so perhaps this is useful to someone.

The problem I've found that Wondershaper really only allows you to configure what should be low priority; it doesn't allow you to set a 'high' priority flag on certain traffic. This script, mostly from Matt Goebel (mlg9000(Errr...at)yahoo(dot)com), does the trick, however. I've changed just a couple lines, and added ICMP requests to high priority, so your ping times will always look good.

With Wondershaper, no matter how I set my PC to be low priority, and how low I'd set the caps (1/4 of my upload/download) my vonage would still break up. Here? I have no problems at all. Rock solid.

Works GREAT. This is what I expected out of wondershaper. I've tried to break it every which way, and its flawless.

So, here it is:
#!/bin/bash
#
# Linux Traffic Shaper Script (LTSS) version 0.1 beta (5/27/04)
# ----------------------------------------------------------------------------------        ------
 *---------
# (c) Copyright 2004, Matt Goebel (mlg9000(Errr...at)yahoo(dot)com)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
# Credit:
# ----------------------------------------------------------------------------------        ------
 *---------
# Daniel Leaberry's tcstart script
# Wondershaper 1.1a
# knowplace.org and the narc firewall
#
# Purpose / Function:
# ----------------------------------------------------------------------------------        ------
 *---------
# This script was written to provide traffic shaping for my own personal LAN's cable Inter
 *net
# connection. It ensures that regular network traffic does not interfere with my VOIP serv
 *ice.
# (Vonage.com) It also prioritizes other forms of interactive traffic so that uploads do n
 *ot have as
# big an impact on them as they otherwise would.  Only upstream traffic is shaped as downs
 *tream traffic
# is largely beyond our control.  At the moment this is a very simple script.  In the
# future it's functionality may be expanded upon and improved.  If you find this script us
 *eful,
# if you find any errors, or you have suggestions on ways to improve it, please let me kno
 *w.
#
# Prerequisites:
# ----------------------------------------------------------------------------------        ------
 *---------
# 1. A modern Linux kernel /w HTB (http://luxik.cdi.cz/~devik/qos/htb/index2.htm) support 
 *enabled
#    and the Netfilter module ipt_CLASSIFY.ko available (ipt_CLASSIFY.o for 2.4 kernels)
# 2. iproute /w tc that supports HTB
# 3. ipchains with CLASSIFY support (specifically libipt_CLASSIFY.so must be included)
# 4. A VOIP router from any provider, or VOIP software
#
# Usage:
# ----------------------------------------------------------------------------------        ------
 *---------
# Start the script - "ltss start"
# Stop the script - "ltss stop"
# Restart the script - "ltss restart"
# Show the Status - "ltss status"
#
# Note: Check your firewall rules to be sure this does not conflict with the rules set the
 *re
#
# Tested and known to work on (let me know so I can add these):
# - Fedora Core 2 (stock kernel, out of the box no special steps required)
#
# Installation:
# ----------------------------------------------------------------------------------        ------
 *---------
# 1. Modify the listed variables below to match your needs
# 2. Make this script executable and owned by root (chown root:root ltss, chmod 700 ltss)
# 3. Place this script in your start files (Optional)
#
# Variables (change these as needed):
# ----------------------------------------------------------------------------------        ------
 *---------
 
TC=/usr/sbin/tc             # Path to the tc command
IPTABLES=/usr/sbin/iptables # Path to the iptables command
UPSTREAM="450Kbit"      # Tweak this as needed (~90% total upload bandwidth is a good star
 *t)
EXTINT="eth0"           # External Interface
VOIP1="5060:5061"       # First port (or range) used by VOIP (UDP)
VOIP2="10000:20000"     # Second port range used by VOIP (Optional UDP - required for Vona
 *ge)
FPRIORITY="200Kbit"     # VOIP bandwidth req. (2x max bandwidth required for highest quali
 *ty call, used for 3 way calling)
SPRIORITY="150Kbit"     # Interactive and other higher priority bandwidth req.
LASTPRIORITY="100Kbit"  # Everything else (should be the rest of the bandwidth you have le
 *ft)
HP="domain,http,pop3,imap,https,imaps,ftp"  # TCP Traffic you want to give priority to (SS
 *H already included
HPTCP=""                # Other TCP traffic you want to give priority to (Port or Range of
 * Ports)
HPUDP="53"                # Other UDP traffic you want to give priority to (Port or Range 
 *of Ports)
 
# Script portion (should not need modification):
# ----------------------------------------------------------------------------------        ------
 *---------
 
if [ "$1" == "start" ] || [ "$1" == "restart" ] || [ "$1" == "stop" ]; then
        # Flush everything
        $TC qdisc del dev $EXTINT root 2> /dev/null > /dev/null
        fi
if [ "$1" == "start" ] || [ "$1" == "restart" ]; then
        # Start Traffic Shaper
        if [ "$1" == "start" ]; then
                echo "Starting Traffic Shaper........"
                fi
        if [ "$1" == "restart" ]; then
                echo "Restarting Traffic Shaper........"
                fi
        # Load CLASSIFY module
        modprobe ipt_CLASSIFY
        # Setup classes
        $TC qdisc add dev $EXTINT root handle 1: htb default 12 r2q 3
        $TC class add dev $EXTINT parent 1: classid 1:1 htb rate $UPSTREAM
        $TC class add dev $EXTINT parent 1:1 classid 1:10 htb rate $FPRIORITY ceil $UPSTRE
 *AM prio 0
        $TC class add dev $EXTINT parent 1:1 classid 1:11 htb rate $SPRIORITY ceil $UPSTRE
 *AM prio 1
        $TC class add dev $EXTINT parent 1:1 classid 1:12 htb rate $LASTPRIORITY ceil $UPS
 *TREAM prio 2
        $TC qdisc add dev $EXTINT parent 1:10 handle 10: sfq perturb 10
        $TC qdisc add dev $EXTINT parent 1:11 handle 11: sfq perturb 10
        $TC qdisc add dev $EXTINT parent 1:12 handle 12: sfq perturb 10
        # VOIP traffic
        iptables -t mangle -A POSTROUTING -o $EXTINT -p udp --dport $VOIP1 -j CLASSIFY --s
 *et-class 1:10
        if [ "$VOIP2" != "" ]; then
                iptables -t mangle -A POSTROUTING -o $EXTINT -p udp --dport $VOIP2 -j CLAS
 *SIFY --set-class 1:10
                fi
        # Setup secondary traffic
        # Give "overhead" packets priority
        iptables -t mangle -A POSTROUTING -o $EXTINT -p tcp --syn -m length --length 40:68
 * -j CLASSIFY --set-class 1:11
        iptables -t mangle -A POSTROUTING -o $EXTINT -p tcp --tcp-flags ALL SYN,ACK -m len
 *gth --length 40:68 -j CLASSIFY --set-class 1:11
        iptables -t mangle -A POSTROUTING -o $EXTINT -p tcp --tcp-flags ALL ACK -m length 
 *--length 40:100 -j CLASSIFY --set-class 1:11
        iptables -t mangle -A POSTROUTING -o $EXTINT -p tcp --tcp-flags ALL RST -j CLASSIF
 *Y --set-class 1:11
        iptables -t mangle -A POSTROUTING -o $EXTINT -p tcp --tcp-flags ALL ACK,RST -j CLA
 *SSIFY --set-class 1:11
        iptables -t mangle -A POSTROUTING -o $EXTINT -p tcp --tcp-flags ALL ACK,FIN -j CLA
 *SSIFY --set-class 1:11
        # Interactive SSH traffic
        iptables -t mangle -A POSTROUTING -o $EXTINT -p tcp --sport ssh -m length --length
 * 40:100 -j CLASSIFY --set-class 1:11
        iptables -t mangle -A POSTROUTING -o $EXTINT -p tcp --dport ssh -m length --length
 * 40:100 -j CLASSIFY --set-class 1:11
        # Interactive traffic
        if [ "$HP" != "" ]; then
                iptables -t mangle -A POSTROUTING -o $EXTINT -p tcp -m multiport --dport $
 *HP -j CLASSIFY --set-class 1:11
                fi
        # improve ICMP results
        tc filter add dev $EXTINT parent 1:0 protocol ip prio 10 u32 \
               match ip protocol 1 0xff flowid 1:10
 
        # Other TCP/UDP traffic
        if [ "$HPTCP" != "" ]; then
                iptables -t mangle -A POSTROUTING -o $EXTINT -p tcp -m multiport --dport $
 *HPTCP -j CLASSIFY --set-class 1:11
                fi
        if [ "$HPUDP" != "" ]; then
                iptables -t mangle -A POSTROUTING -o $EXTINT -p udp -m multiport --dport $
 *HPUDP -j CLASSIFY --set-class 1:11
                fi
        echo "Done."
        exit 0
        fi
if [ "$1" == "stop" ]; then
        # Stop Traffic Shaper
        echo "Stopping Traffic Shaper........"
        echo "Done."
        exit 0
        fi
if [ "$1" == "status" ]; then
        # Show Status
        echo "Current Traffic Shaper Status:"
        echo "---------------------------------------------------------------------------"
        tc -s qdisc ls dev $EXTINT
        tc -s class ls dev $EXTINT
        exit 0
        fi
if [ "$1" != "start" ] && [ "$1" != "restart" ] && [ "$1" != "stop" ] && [ "$1" != "status
 *" ]; then
        echo "Bad or missing parameters"
        echo "Usage: { start | stop | restart | status }"
        echo "start          = Start traffic shaper"
        echo "stop           = Stop traffic shaper"
        echo "restart        = Restart traffic shaper"
        echo "status         = Show status of traffic shaper"
        exit 1
        fi

(*) WARNING 40 long line(s) split
Keep in mind, I really had nothing to do with this, but its actually fairly simple to understand, and really does a much better job than wondershaper. You have to configure the settings at the top, but after that, everything works swimmingly. Place questions here. I'm sure I can't answer them, but there's probably someone here who can.

This setup really is flawless. I highly recommend it. Running azureus full time no longer even disrupts my ping times, my web browsing, my Vonage, or ssh.

Even when its cranked (like right now, uploading at 49 kB/s).
ltss.zip 2,885 bytes
(ltss)
]]> http://www.dslreports.com/forum/remark,13423584 Mon, 16 May 2005 20:42:17 EDT