#! /bin/sh
#
# The Ultimate Setup For Your Internet Connection At Home
#
#               Set priorities on traffic
#
#		Written by <http://lartc.org/lartc.html#AEN2241>.
#
#		Modified by Thorsten Gunkel <tgunkel@gmx.de>.
#               to be used as an init.d script for Debian and to use iptables
#               for assigning the packages to the different classes.
#
#  Note: You need to change your device, your up- and downlink speed
#        and add iptables rules to mark your packages with 1 or 2 or 3
#
#  This script will create 3 classes:
#   Class 1: Packages in this class will be preferred
#   Class 2: This is for normal packages
#   Class 3: No realtime packages (e.g. huge downloads)
#
#  After you started this script you can easily assign packages to a class
#  with iptables:
#       # First mark all packages with 2 to get them in the default class
        iptables -t mangle -A PREROUTING                                                          -j MARK --set-mark 2 # Default Prio
        # Depending of their Type Of Service field change this to one of the other classes
        iptables -t mangle -A PREROUTING -m tos --tos Minimize-Cost                               -j MARK --set-mark 3 # Low     Prio
        iptables -t mangle -A PREROUTING -m tos --tos Maximize-Throughput                         -j MARK --set-mark 2 # Default Prio
        iptables -t mangle -A PREROUTING -m tos --tos Maximize-Reliability                        -j MARK --set-mark 1 # High    Prio
        iptables -t mangle -A PREROUTING -m tos --tos Minimize-Delay                              -j MARK --set-mark 1 # High    Prio
        # Add your packages packages her: (e.g. ping as realtime)
        iptables -t mangle -A PREROUTING -p icmp --icmp-type echo-request -m limit --limit 2/sec  -j MARK --set-mark 1 # Ping High to impress others and for testing


PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
NAME="trafficQD"
DESC="Traffic Queueing Disciplines"

# !!!! Set the following values to somewhat less than your       !!!!
# !!!! actual download and uplink speed. In kilobits             !!!!
# ----------------------------

## ISDN DUAL CHANNEL
# DOWNLINK=95
# UPLINK=95

## ISDN ONE CHANNEL
# DOWNLINK=48
# UPLINK=48

## DSL 1000 MBIT
DOWNLINK=800
UPLINK=100

# !!! YOUR DEVICE (ppp0, ippp0, ...)  !!!
DEV=ppp0
# ----------------------------


DESC="$DESC"" $DOWNLINK""d/""$UPLINK""u for $DEV"
set -e

my_start()
{
 ###### uplink
 # install root HTB, point default traffic to 1:20:
 tc qdisc add dev $DEV root handle 1: htb default 20
 # shape everything at $UPLINK speed - this prevents huge queues in your
 # DSL modem which destroy latency:
 tc class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbit burst 6k

 # high prio class 1:10:
 tc class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK}kbit burst 6k prio 1

 # default   class 1:20 - gets slightly less traffic and a lower priority:
 tc class add dev $DEV parent 1:1 classid 1:20 htb rate $[9*$UPLINK/10]kbit burst 6k prio 2

 # bulk      class 1:30 - gets less traffic and a even lower priority:
 tc class add dev $DEV parent 1:1 classid 1:30 htb rate $[8*$UPLINK/10]kbit burst 6k prio 3

 # all three get Stochastic Fairness:
 tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
 tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
 tc qdisc add dev $DEV parent 1:30 handle 30: sfq perturb 10

 ## Pakets with iptables Mark 1 go to 1:10
 tc filter add dev $DEV parent 1:0 protocol ip prio 11 handle 1 fw flowid 1:10

 ## Pakets with iptables Mark 2 go to 1:20
 tc filter add dev $DEV parent 1:0 protocol ip prio 12 handle 2 fw flowid 1:20

 ## Pakets with iptables Mark 3 go to 1:30
 tc filter add dev $DEV parent 1:0 protocol ip prio 13 handle 3 fw flowid 1:30

 # rest is 'non-interactive' ie 'bulk' and ends up in 1:20

 ########## downlink #############
 # slow downloads down to somewhat less than the real speed  to prevent 
 # queuing at our ISP. Tune to see how high you can set it.
 # ISPs tend to have *huge* queues to make sure big downloads are fast
 #
 # attach ingress policer:
 tc qdisc add dev $DEV handle ffff: ingress

 #FIXME real-time ausschließen?
 # filter *everything* to it (0.0.0.0/0), drop everything that's coming in too fast:
 tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \
 0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1
}

my_stop()
{
 # clean existing down- and uplink qdiscs, hide errors
 tc qdisc del dev $DEV root    2> /dev/null > /dev/null
 tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null
 sleep 1
}

my_status()
{
 tc filter show dev $DEV
 tc -s qdisc ls dev $DEV
}

case "$1" in
 start)
    echo -n "Starting $DESC: $NAME"
    my_stop && my_start
    echo "."
    ;;
 stop)
    echo -n "Stopping $DESC: $NAME"
    my_stop
    echo "."
    ;;
 restart|force-reload)
    echo -n "Restarting $DESC: $NAME"
    my_stop && my_start
    echo "."
    ;;
  status)
    todo=""
    echo -n "Status of $DESC: $NAME"
    echo "."
    my_status
    ;;
  *)
    N=/etc/init.d/$NAME
    echo "Usage: $N {start|stop|restart|force-reload} " >&2
    exit 1
    ;;
  esac

exit 0