Hey
Mam konto premium na rapidzie i sciagam z niego flashgetem jak wiadomo z rapida sciaga sie po http i tu zaczyna sie maly problem poniewaz sciaga on po http ta regulka wpada w port 80 i HIGH jak zrobic aby adres *rapidshare.com wpadal np w regulke MEDIUM (zaznaczam ze rapid ma kilka roznych IP wiec po IP to nie zadziala tzn. mozna probowac znalesc wszytskie ale po pierwsze dlugo by to trwalo po drugie niewiadomo ile tych IP posiada
P.S. oczywiscie chodzi mi o download, upload mnie nie interesuje
moj skrypt firewalla wyglada nastepujaco
iptables -I FORWARD 4 -i ppp0 -m layer7 --l7proto skypetoskype
iptables -I FORWARD 4 -i ppp0 -m layer7 --l7proto skypeout
#--------------------------------------------
#WRT54 Script Generator v1.00
#Copyright (C) 2006 Robert "Robson" Mytkowski
#--------------------------------------------
modprobe ipt_layer7
TCA="tc class add dev br0"
TFA="tc filter add dev br0"
TQA="tc qdisc add dev br0"
SFQ="sfq perturb 10"
tc qdisc del dev br0 root
tc qdisc add dev br0 root handle 1: htb
tc class add dev br0 parent 1: classid 1:1 htb rate 1000kbit
$TCA parent 1:1 classid 1:10 htb rate 33kbit ceil 699kbit prio 4
$TCA parent 1:1 classid 1:11 htb rate 33kbit ceil 699kbit prio 4
$TCA parent 1:1 classid 1:12 htb rate 256kbit ceil 1000kbit prio 0
$TCA parent 1:1 classid 1:13 htb rate 128kbit ceil 1000kbit prio 1
$TCA parent 1:1 classid 1:14 htb rate 64kbit ceil 1000kbit prio 2
$TCA parent 1:1 classid 1:15 htb rate 64kbit ceil 1000kbit prio 2
$TCA parent 1:1 classid 1:16 htb rate 64kbit ceil 1000kbit prio 2
$TCA parent 1:1 classid 1:17 htb rate 64kbit ceil 1000kbit prio 2
$TCA parent 1:1 classid 1:18 htb rate 64kbit ceil 1000kbit prio 2
$TCA parent 1:1 classid 1:19 htb rate 128kbit ceil 512kbit prio 0
$TCA parent 1:1 classid 1:20 htb rate 100kbit ceil 512kbit prio 2
$TQA parent 1:10 handle 10: $SFQ
$TQA parent 1:11 handle 11: $SFQ
$TQA parent 1:12 handle 12: $SFQ
$TQA parent 1:13 handle 13: $SFQ
$TQA parent 1:14 handle 14: $SFQ
$TQA parent 1:15 handle 15: $SFQ
$TQA parent 1:16 handle 16: $SFQ
$TQA parent 1:17 handle 17: $SFQ
$TQA parent 1:18 handle 18: $SFQ
$TQA parent 1:19 handle 19: $SFQ
$TQA parent 1:20 handle 20: $SFQ
$TFA parent 1:0 prio 4 protocol ip handle 10 fw flowid 1:10
$TFA parent 1:0 prio 4 protocol ip handle 11 fw flowid 1:11
$TFA parent 1:0 prio 0 protocol ip handle 12 fw flowid 1:12
$TFA parent 1:0 prio 1 protocol ip handle 13 fw flowid 1:13
$TFA parent 1:0 prio 2 protocol ip handle 14 fw flowid 1:14
$TFA parent 1:0 prio 2 protocol ip handle 15 fw flowid 1:15
$TFA parent 1:0 prio 2 protocol ip handle 16 fw flowid 1:16
$TFA parent 1:0 prio 2 protocol ip handle 17 fw flowid 1:17
$TFA parent 1:0 prio 2 protocol ip handle 18 fw flowid 1:18
$TFA parent 1:0 prio 0 protocol ip handle 19 fw flowid 1:19
$TFA parent 1:0 prio 2 protocol ip handle 20 fw flowid 1:20
iptables -t mangle -A POSTROUTING -m layer7 --l7proto bittorrent -j MARK --set-mark 10
iptables -t mangle -A POSTROUTING -m layer7 --l7proto edonkey -j MARK --set-mark 11
iptables -t mangle -A POSTROUTING -p tcp --sport 80 -j MARK --set-mark 12
iptables -t mangle -A POSTROUTING -p tcp --sport 443 -j MARK --set-mark 13
iptables -t mangle -A POSTROUTING -p tcp --sport 110 -j MARK --set-mark 14
iptables -t mangle -A POSTROUTING -m layer7 --l7proto rar -j MARK --set-mark 15
iptables -t mangle -A POSTROUTING -m layer7 --l7proto zip -j MARK --set-mark 16
iptables -t mangle -A POSTROUTING -m layer7 --l7proto exe -j MARK --set-mark 17
iptables -t mangle -A POSTROUTING -m layer7 --l7proto pdf -j MARK --set-mark 18
iptables -t mangle -A POSTROUTING -m layer7 --l7proto skypeout -j MARK --set-mark 19
iptables -t mangle -A POSTROUTING -m layer7 --l7proto skypetoskype -j MARK --set-mark 20
iptables -I FORWARD -p tcp -m layer7 --l7proto bittorrent -m connlimit --connlimit-above 600 -j DROP
iptables -I FORWARD -p tcp -m layer7 --l7proto edonkey -m connlimit --connlimit-above 600 -j DROP
jak widac cale pasmo w skrypcie jest juz wykorzystane ale mozna zlikwidowac skype i juc cos sie znajdzie
Edytowany przez fox2plus dnia 07-02-2007 08:18
Sprzedam domene http://high-definition.com.pl
WR850G OpenWRT+SB4Ls
WRT54GL Tomato 1.02
WRT54GL Tomato 1.04
AG-188 IFon+Betamax
fox2pluspl@sip.voipdiscount.com
55413@sip.ifon.pl
GG: 8384201
|