set -e
-. ./common.sh
+# . ./common.sh
+IPTABLES=$(which iptables)
+IP6TABLES=$(which ip6tables)
+IPSET=$(which ipset)
+TC=$(which tc)
if [ $# -lt 1 ]
then
then
$IPTABLES -t mangle -A "${SHAPE_CHAIN}" "$@" -j MARK --set-mark ${prio}
fi
+ if ! $IP6TABLES -t mangle -C "${SHAPE_CHAIN}" "$@" -j MARK --set-mark ${prio} >/dev/null 2>&1
+ then
+ $IP6TABLES -t mangle -A "${SHAPE_CHAIN}" "$@" -j MARK --set-mark ${prio}
+ fi
}
shape_if "${EXT_IF}" "${UPLINK}" "${BURST}"
if ! $IPTABLES -t mangle -L "${SHAPE_CHAIN}" >/dev/null 2>&1
then
- echo "initializing chain '${SHAPE_CHAIN}'"
+ echo "initializing ipv4 chain '${SHAPE_CHAIN}'"
$IPTABLES -t mangle -N "${SHAPE_CHAIN}"
fi
+if ! $IP6TABLES -t mangle -L "${SHAPE_CHAIN}" >/dev/null 2>&1
+then
+ echo "initializing ipv6 chain '${SHAPE_CHAIN}'"
+ $IP6TABLES -t mangle -N "${SHAPE_CHAIN}"
+fi
+# prioritize small and responsive things
shape 1 -p icmp
+shape 1 -p ipv6-icmp
shape 1 -p udp
shape 1 -p tcp -m length --length :64
shape 1 -p tcp --syn -m length --length 40:68
shape 1 -p tcp --tcp-flags ALL ACK,RST
shape 1 -p tcp --tcp-flags ALL ACK,FIN
+# favor ssh
shape 2 -p tcp --dport 22
+# defavor ftp
shape 4 -p tcp --dport 20
shape 4 -p tcp --dport 115
+# bulk bittorrent
shape 5 -p tcp --dport 8881:8899
shape 5 -p tcp --sport 8881:8899
+# default everything else to middle
+shape 3 -m mark --mark 0
+
if ! $IPTABLES -t mangle -C POSTROUTING -o "${EXT_IF}" -j "${SHAPE_CHAIN}" >/dev/null 2>&1
then
- $IPTABLES -t mangle -C POSTROUTING -o "${EXT_IF}" -j "${SHAPE_CHAIN}"
+ $IPTABLES -t mangle -I POSTROUTING -o "${EXT_IF}" -j "${SHAPE_CHAIN}"
fi
+if ! $IP6TABLES -t mangle -C POSTROUTING -o "${EXT_IF}" -j "${SHAPE_CHAIN}" >/dev/null 2>&1
+then
+ $IP6TABLES -t mangle -I POSTROUTING -o "${EXT_IF}" -j "${SHAPE_CHAIN}"
+fi
+
+if [[ ! -e /etc/local.d/shaper.start ]]
+then
+ echo "add shaper to local rc start!"
+fi