发帖回复

786阅读
2回复

[问题求助]请教ipp2p的used的含义 [复制链接]

上一主题下一主题查看指定楼层

离线douxp.

初中三年级

发帖: 2188

C币: -193049

威望: 401

贡献值: 1

银元: 0

铜钱: 4922

人人网人气币: 0

只看楼主倒序阅读使用道具楼主发表于: 2009-05-01

我用lsmod命令查看得到：
[r.oot@GATEWAY d]# lsmod<性病>
M.odule                  Size  Used by    Not tainte.d电脑
i.pt_string         .     2680   0  (autoclean)电影
ipt_state       . .       1048   1  (autoclean)    外汇
ipt_connlimit           252.0   .1  (autoclean)服务器
ipt_ipp2p    .   .        7992   4  (autoclean)学习
cls_u32                 6300   2.  (autocl.ean)           鲜花
sch_sfq              .   4096  21  (autoclea.n)             电子
sch_cbq                14.912   2  (autocl.ean).
ipt_MASQUERADE    .      2744  21  (aut.oclean)             汽车
i..ptable_filter          2412   1  (autoclean)健康
iptable_nat            2.7480   1  (autocle.an) [ipt_MASQUERADE]    健康
ip_tables      .        17784   9  [ipt_string ipt_state ipt_c.onnlimit ipt_ipp2p ipt_MASQUERADE iptable_fil.ter iptable_nat].
parp.ort_pc             19076 .  0  (autoclean) (unused)(        游戏          )
lp                      8996.   0  (aut.oclean)(        游戏          )
parport      .          37056   0.  (autoclean) [parport_pc lp]<性病>
autofs                 13268.   0  (autoclean.) (unused)    美容
via-rhine              1.5856.   1.
8139.too                18088 .  1           建材
mii                     3976.   0  [vi.a-rhine 8139too](        游戏          )
ext.3         .          70784   3服务器
j.bd                    51892  . 3  [ext3]电影

请问比如说ipp2.p的USED是4，是不是说有四个人在.用p2p软件下载？投资

评价一下你浏览此帖子的感受

分享到 淘江湖新浪 QQ微博 QQ空间开心人人豆瓣网易微博百度鲜果白社会飞信

离线fu20.

初中三年级

发帖: 2018

C币: -199009

威望: 372

贡献值: 1

银元: -2

铜钱: 4553

人人网人气币: 0

只看该作者沙发发表于: 2010-04-13

意思是有 4 条 iptables 语句里包含了 -m ipp2p 的调用
也就是说 ipt_ipp2p 模块被使用了四次

同理，你的 -j MASQUERADE 应该在 21 条 iptables 语句里出现过，你的脚本效率够低的

离线速冻水饺.

初中三年级

发帖: 1986

C币: -605149

威望: 377

贡献值: 4

银元: -2

铜钱: 4410

人人网人气币: 0

只看该作者板凳发表于: 2010-04-13

呵呵。谢谢你了。
我用21条-j MASQUERADE的意思是因为有21个用户上网。我给他们就做了21个NAT，没有用网段来做，因为要控制每个IP上网。所以只好用21个了。
您再帮我看一看我的脚本，可以吗？
#!/bin/bash

#定义用的内网接口
INET_IF0="eth0"
#定义限制的下载的速度
UP_SD="200kbit"
DOWN_SD="400kbit"
#bounded is no,"" is yes
DKYESNO="bounded"

#arp -s 10.254.254.1 00:d0:f8:57:2e:7f
#arp -s 10.0.0.254 00:50:BA:69:B2:D7
#arp -s 192.168.10.1 00:e0:4c:8d:01:e4

arp -s 192.168.10.12 00:15:f2:e6:26:01
arp -s 192.168.10.15 00:50:BA:58:CA:8D
arp -s 192.168.10.16 00:04:61:9A:12:4F
arp -s 192.168.10.22 00:0D:87:D6:02:11
arp -s 192.168.10.23 00:e0:4c:c2:68:b4
arp -s 192.168.10.25 00:40:05:43:d6:1e
arp -s 192.168.10.33 00:E0:4C:8B:50:A9
arp -s 192.168.10.36 00:0d:61:bb:d1:b8
arp -s 192.168.10.80 00:11:25:ce:8f:76
#306笔记本电脑
arp -s 192.168.10.43 00:05:5d:e8:05:88
arp -s 192.168.10.45 00:e0:4c:90:4e:f1
arp -s 192.168.10.51 00:16:36:22:4c:c2
arp -s 192.168.10.52 00:14:2a:3a:ee:09
arp -s 192.168.10.82 00:11:5b:c3:93:76
#502的第二台电脑
arp -s 192.168.10.54 00:16:36:06:98:3a
arp -s 192.168.10.62 00:e0:4c:39:8c:28
arp -s 192.168.10.63 00:14:85:00:31:2c
arp -s 192.168.10.64 00:0F:EA:25:34:C3
arp -s 192.168.10.66 00:e0:4c:89:e5:12
arp -s 192.168.10.81 00:0d:60:7f:33:24
#606笔记本电脑

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -F
iptables -t filter -F
iptables -F
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

iptables -t nat -A POSTROUTING -s 192.168.10.12 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.15 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.16 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.22 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.23 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.26 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.25 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.33 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.36 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.80 -j MASQUERADE
#306笔记本电脑
iptables -t nat -A POSTROUTING -s 192.168.10.43 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.45 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.51 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.52 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.82 -j MASQUERADE
#502的第二台电脑
iptables -t nat -A POSTROUTING -s 192.168.10.54 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.62 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.63 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.64 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.66 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.10.81 -j MASQUERADE
#606笔记本电脑

#禁止BT等P2P软件下载
iptables -A FORWARD -m ipp2p --ipp2p --bit --apple --winmx --soul --ares -j DROP
iptables -A FORWARD -m ipp2p --edk --kazaa --bit -j DROP
iptables -A FORWARD -p tcp -m ipp2p --ares -j DROP
iptables -A FORWARD -p udp -m ipp2p --kazaa -j DROP

iptables -A FORWARD -p tcp -m connlimit --connlimit-above 15 -j DROP

#转发内部IP
iptables -I FORWARD -s 192.168.10.0/24 -j ACCEPT
iptables -I FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
#iptables -A FORWARD -p icmp -d 10.254.254.1 -j DROP
#iptables -A FORWARD -p icmp -j DROP

iptables -A INPUT -s 192.168.10.0/24 -p tcp --destination-port 80 -j ACCEPT
iptables -A INPUT -s 192.168.10.0/24 -p tcp --destination-port 139 -j ACCEPT
iptables -A INPUT -s 192.168.10.15 -j ACCEPT
iptables -A INPUT -s 192.168.10.0/24 -p tcp --destination-port telnet -j ACCEPT
iptables -A INPUT -s 192.168.10.0/24 -p tcp --destination-port ssh -j ACCEPT
iptables -A INPUT -s 192.0.0.0/8 -j DROP
iptables -A INPUT -s 10.0.0.0/8 -j DROP
iptables -A INPUT -p icmp -j DROP

#让所有的LAN内部可以上网
#iptables -t nat -A 1 POSTROUTING -s 192.168.10.0/24 -j MASQUERADE

tc qdisc del dev eth0 root
tc qdisc del dev eth1 root
#定义队例
tc qdisc add dev $INET_IF0 root handle 10: cbq bandwidth 10Mbit avpkt 1000
#定义根类
tc class add dev $INET_IF0 parent 10:0 classid 10:1 cbq bandwidth 10Mbit rate 10Mbit allot 1514 weight 1Mbit prio 8 maxburst 15 avpkt 1000

#定义子类,限制速度,
IPID="12"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000
tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15
tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="15"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000
tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15
tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="16"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO
tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15
tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="22"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="23"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="25"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="33"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO
tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15
tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="36"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="80"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="43"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

IPID="45"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000
tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15
tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="51"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="52"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="82"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="54"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="62"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="63"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="64"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#定义子类,限制速度,
IPID="66"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

IPID="81"
tc class add dev $INET_IF0 parent 10:1 classid 10:$IPID cbq bandwidth 10Mbit rate $DOWN_SD allot 1514 weight 20kbit prio 5 maxburst 15 avpkt 1000 $DKYESNO

tc qdisc add dev $INET_IF0 parent 10:$IPID sfq quantum 1514b perturb 15

tc filter add dev $INET_IF0 parent 10:0 protocol ip prio 25 u32 match ip dst 192.168.10.$IPID flowid 10:$IPID

#上传限制
tc qdisc add dev eth1 root handle 20: cbq bandwidth 10Mbit avpkt 1000
tc class add dev eth1 parent 20:0 classid 20:1 cbq bandwidth 10Mbit rate 10Mbit allot 1514 weight 2Mbit prio 8 maxburst 20 avpkt 1000
tc class add dev eth1 parent 20:1 classid 20:100 cbq bandwidth 10Mbit rate 8Mbit allot 1514 weight $UP_SD prio 5 maxburst 20 avpkt 1000 bounded

tc qdisc add dev eth1 parent 20:100 sfq quantum 1514b perturb 15

tc filter add dev eth1 parent 20:0 protocol ip prio 100 u32 match ip src 192.168.10.0/24 flowid 20:100

#rdate -s 202.108.158.139

发帖回复

返回列表


	http://www.csuboy.com 访问内容超出本站范围，不能确定是否安全


	关闭您还没有登录，快捷通道只有在登录后才能使用。立即登录还没有帐号？赶紧注册一个


	关闭选中1篇全选