小包优先+web优先+游戏爆发+单IP限速+连接数限制  脚本V2.0 #变量初始化(速率单位是KB/S) UIP="192.168.1." NET="192.168.1.0/24" IPS="2" IPE="8" UP=35 DOWN=180 UPLOADR=1 UPLOADC=8 DOWNLOADR=$(($DOWN/$((IPE-IPS+5)))) DOWNLOADC=$(($DOWN*80/100))

#装载核心模块,创建QOS专用链 insmod imq insmod ipt_IMQ insmod ipt_length.o insmod ipt_hashlimit.o ifconfig imq1 up ifconfig imq0 up iptables -t mangle -N QOSDOWN iptables -t mangle -N QOSUP iptables -t mangle -I FORWARD -s $NET -j QOSUP iptables -t mangle -I FORWARD -d $NET -j QOSDOWN iptables -t mangle -A QOSDOWN -j IMQ --todev 0 iptables -t mangle -A QOSUP -j IMQ --todev 1

#在5秒内平均下载速率小于10KB/S的IP进入高优先级队列253 iptables -t mangle -N GAME_BURST iptables -t mangle -A QOSDOWN -m length --length 256: -j GAME_BURST iptables -t mangle -A GAME_BURST -m hashlimit --hashlimit 10/sec --hashlimit-burst 100 --hashlimit-mode dstip --hashlimit-name game_burst -j RETURN iptables -t mangle -A GAME_BURST -m recent --rdest --name game_burst --set -j RETURN iptables -t mangle -A QOSDOWN -m recent --rdest --name game_burst ! --rcheck  --seconds 5 -j MARK --set-mark-return 253

#小包标记254(具有最高优先级）,web浏览标记255 iptables -t mangle -A QOSDOWN -p tcp -m mport --sports 80,443 -j BCOUNT iptables -t mangle -A QOSDOWN -p tcp -m mport --sports 80,443 -m bcount --range :307200 -j MARK --set-mark-return 255 iptables -t mangle -A QOSDOWN -m state --state ESTABLISHED -m length --length :256 -j MARK --set-mark-return 254 iptables -t mangle -A QOSUP -p tcp -m mport --dports 80,443 -j BCOUNT iptables -t mangle -A QOSUP -p tcp -m mport --dports 80,443 -m bcount --range :204800 -j MARK --set-mark-return 255 iptables -t mangle -A QOSUP -m state --state ESTABLISHED -m length --length :128 -j MARK --set-mark-return 254 iptables -t mangle -I QOSUP -m state --state NEW -p udp --dport 53 -j RETURN #单IP标记 iptables -t mangle -A QOSDOWN -j MARK --ipaddr 1 iptables -t mangle -A QOSUP -j MARK --ipaddr 0 #根队列初始化 tc qdisc del dev imq0 root tc qdisc del dev imq1 root tc qdisc add dev imq0 root handle 1: htb tc qdisc add dev imq1 root handle 1: htb tc class add dev imq1 parent 1: classid 1:1 htb rate $((UP))kbps tc class add dev imq0 parent 1: classid 1:1 htb rate $((DOWN))kbps

#小包，web浏览和游戏爆发队列限速 tc class add dev imq1 parent 1:1 classid 1:254 htb rate $((UP))kbps quantum 12000 prio 0 tc class add dev imq1 parent 1:1 classid 1:255 htb rate $((UP/5))kbps ceil $((UP/2))kbps quantum 2000 prio 3 tc filter add dev imq1 parent 1:0 protocol ip prio 5 handle 255 fw flowid 1:255 tc filter add dev imq1 parent 1:0 protocol ip prio 4 handle 254 fw flowid 1:254 tc class add dev imq0 parent 1:1 classid 1:254 htb rate $((DOWN))kbps quantum 12000 prio 0 tc class add dev imq0 parent 1:1 classid 1:255 htb rate $((DOWN*20/100))kbps ceil $((DOWN*80/100))kbps prio 3 tc filter add dev imq0 parent 1:0 protocol ip prio 5 handle 255 fw flowid 1:255 tc filter add dev imq0 parent 1:0 protocol ip prio 4 handle 254 fw flowid 1:254 tc class add dev imq0 parent 1:1 classid 1:253 htb rate $((DOWN/2))kbps quantum 5000 prio 1 tc filter add dev imq0 parent 1:0 protocol ip prio 5 handle 253 fw flowid 1:253

#所有普通IP单独限速 i=$IPS; while [ $i -le $IPE ] do tc class add dev imq1 parent 1:1 classid 1:$i htb rate $((UPLOADR))kbps ceil $((UPLOADC))kbps quantum 1000 prio 6 tc qdisc add dev imq1 parent 1:$i handle $i: sfq perturb 15 tc filter add dev imq1 parent 1:0 protocol ip prio 6 handle $i fw classid 1:$i tc class add dev imq0 parent 1:1 classid 1:$i htb rate $((DOWNLOADR))kbps ceil $((DOWNLOADC))kbps quantum 1000 prio 6 tc qdisc add dev imq0 parent 1:$i handle 1$i: sfq perturb 15 tc filter add dev imq0 parent 1:0 protocol ip prio 6 handle $i fw classid 1:$i i=`expr $i + 1` done