|
限制某时间内下不能上网,.可以
限制速度.需要和脚本,比较麻烦
参考下tomato限速加锁定ip、mac脚本
#!/bin/sh
ODEV="ppp0"
IDEV="eth0"
UP="60kbps"
DOWN="250kbps"
NGIP="192.168.1."
tc qdisc del dev $ODEV root 2>/dev/null
tc qdisc del dev $IDEV root 2>/dev/null
tc qdisc add dev $ODEV root handle 10: htb default 2254
tc qdisc add dev $IDEV root handle 10: htb default 2254
tc class add dev $ODEV parent 10: classid 10:1 htb rate $UP ceil $UP
tc class add dev $IDEV parent 10: classid 10:1 htb rate $DOWN ceil $DOWN
setipli()
{
tc class add dev $ODEV parent 10:1 classid 10:2$1 htb rate $3 ceil $4 prio $2
tc qdisc add dev $ODEV parent 10:2$1 handle 100$1: pfifo
tc filter add dev $ODEV parent 10: protocol ip prio $2 handle 2$1 fw classid 10:2$1
tc class add dev $IDEV parent 10:1 classid 10:2$1 htb rate $5 ceil $6 prio $2
tc qdisc add dev $IDEV parent 10:2$1 handle 100$1: pfifo
tc filter add dev $IDEV parent 10: protocol ip prio $2 handle 2$1 fw classid 10:2$1
iptables -t mangle -A PREROUTING -s $NGIP$1 -j MARK --set-mark 2$1
iptables -t mangle -A POSTROUTING -d $NGIP$1 -j MARK --set-mark 2$1
iptables -A FORWARD -i br0 -s $NGIP$1 -m mac --mac-source $7 -j ACCEPT
}
iptables -P FORWARD DROP
iptables -D FORWARD -i br0 -j ACCEPT
#这里设置内部的主机
setipli "224" "1" "10kbps" "60kbps" "50kbps" "250kbps" "00:14:22:7A:ED:58"
# ip,优先级,保证上传,最大上传,保证下载,最大下载,mac....mac地址与ip不一致就无法上网
setipli "52" "2" "2kbps" "10kbps" "10kbps" "170kbps" "00:E0:4CB:86:7F"
#~设置内部的主机END
iptables -I FORWARD -p tcp -s 192.168.1.52 -m connlimit --connlimit-above 200 -j DROP
iptables -I FORWARD -p tcp -s 192.168.1.117 -m connlimit --connlimit-above 200 -j DROP
iptables -I FORWARD -p tcp -s 192.168.1.51 -m connlimit --connlimit-above 200 -j DROP
tc class add dev $ODEV parent 10:1 classid 10:2254 htb rate 0kbps ceil 1kbps prio 4
tc qdisc add dev $ODEV parent 10:2254 handle 100254: pfifo
tc filter add dev $ODEV parent 10: protocol ip prio 100 handle 2254 fw classid 10:2254
tc class add dev $IDEV parent 10:1 classid 10:2254 htb rate 0kbps ceil 1kbps prio 4
tc qdisc add dev $IDEV parent 10:2254 handle 100254: pfifo
tc filter add dev $IDEV parent 10: protocol ip prio 100 handle 2254 fw classid 10:2254
tc class add dev $ODEV parent 10:1 classid 10:2254 htb rate 0kbps ceil 1kbps prio 4
tc qdisc add dev $ODEV parent 10:2254 handle 100254: pfifo
tc filter add dev $ODEV parent 10: protocol ip prio 100 handle 2254 fw classid 10:2254
tc class add dev $IDEV parent 10:1 classid 10:2254 htb rate 0kbps ceil 1kbps prio 4
tc qdisc add dev $IDEV parent 10:2254 handle 100254: pfifo
tc filter add dev $IDEV parent 10: protocol ip prio 100 handle 2254 fw classid 10:2254
[ 本帖最后由 fifa888 于 2007-11-27 19:17 编辑 ] |
|