#!/bin/bash tc qdisc del dev eth0 root 2> /dev/null tc qdisc add dev eth0 handle 1:0 root htb default 13 tc class add dev eth0 classid 1:1 root htb rate 500kbit ceil 500kbit tc class add dev eth0 classid 1:10 parent 1:1 htb rate 100kbit ceil 500kbit prio 1 tc class add dev eth0 classid 1:11 parent 1:1 htb rate 100kbit ceil 500kbit prio 2 tc class add dev eth0 classid 1:12 parent 1:1 htb rate 250kbit ceil 500kbit prio 2 tc class add dev eth0 classid 1:13 parent 1:1 htb rate 50kbit ceil 500kbit prio 3 tc qdisc add dev eth0 handle 10:0 parent 1:10 sfq perturb 5 tc qdisc add dev eth0 handle 11:0 parent 1:11 sfq perturb 5 tc qdisc add dev eth0 handle 12:0 parent 1:12 sfq perturb 5 tc qdisc add dev eth0 handle 13:0 parent 1:13 sfq perturb 5 #ICMP #tc filter add dev eth0 pref 10 protocol ip u32 match u8 0x01 0xff at 9 flowid 1:12 #znane TCP for i in 22 25 80 110 143 443 465 587 993 995; do PORT_HEX=`python -c "print hex($i)"` tc filter add dev eth0 pref 10 protocol ip u32 \ match u8 0x07 0xff at 9 \ match u8 0x05 0x0f at 0 \ match u16 $PORT_HEX 0xffff at 22 \ flowid 1:12 done #znane UDP for i in 53; do PORT_HEX=`python -c "print hex($i)"` tc filter add dev eth0 pref 10 protocol ip u32 \ match u8 0x11 0xff at 9 \ match u8 0x05 0x0f at 0 \ match u16 $PORT_HEX 0xffff at 22 \ flowid 1:12 done #male SSH tc filter add dev eth0 pref 8 protocol ip u32 \ match u8 0x07 0xff at 9 \ match u8 0x05 0x0f at 0 \ match u16 0x16 0xffff at 22 \ match u16 0x0 0xff80 at 2 \ flowid 1:11 #pakiety ACK tc filter add dev eth0 pref 6 protocol ip u32 \ match u8 0x07 0xff at 9 \ match u8 0x05 0x0f at 0 \ match u16 0x0 0xff80 at 2 \ match u8 0x10 0x10 at 33 \ flowid 1:10
