在一台nat网关,用tc+iptab.les+htb来限速。eth1是内网网口,eth0是外网网口。内网.IP为192.168.1.xxx投资
在eth0上限上行速率,但是没有效果,被限速的IP上行速率没有变化。请问是什么原因?非常.感谢.!电脑
脚本如下:
#!/bin/sh
IDEV=eth1
ODEV=eth0
DOWNLINK=100
UPLINK=100
iptables -F -t n.at外贸
ipta.bles -F -t mangle(广告)
iptables -F
#为代理做端口转换
iptables -t nat -A PREROUTING.. -i eth1. -s 192.168.1.0/24 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080.
#做NAT
iptables -t nat -A POSTROUTING. -o eth0 -j MASQUERAD.E.
tc qdisc del dev $.IDE.V root 2>/dev/null.
tc qdisc del dev $O.DEV root 2>/d.ev/null教育
tc qdisc add dev $OD.EV root handle 1.: htb default 20 女人
tc class ad.d dev $ODEV parent .1: classid 1:1 htb rate 100kbps ceil 100kbps pr.io 0.
t.c class add dev $ODEV parent 1:1 classid 1:30 htb .rate 10kbps ceil. 10kbps prio 1外贸
#.对192..168.1.99的包打标,让它走1:30队列 杀毒
t.c filter . add dev $ODEV parent 1: protocol ip prio 1 handle .1 fw classid 1:30.
iptables -I. PREROUTING -t mangle -p tcp .-s 192.168.1.99/32 -j MA.RK --set-mark 0x1.
iptables -I PREROUTING -t mangl.e -p tcp -s 192.168.1.99/32 -j .RETURN电脑
ipt.ables -t mangle -A OU.TPUT -p tcp -s 192.1.68.1.99/32 -j MARK --set-mark 0x1健康
iptables -t mangle -A OUTPUT. -.p tcp -s 192.168.1.99/32 -j RETURN域名
[root@Test1 ~]# tc -s -d qdisc. show dev et.h0电影
qdisc. htb 1: root r2q 10 default 20 di.rect_packets_stat 1058 ver 3.17.
Sent 155570 bytes 1058 pkt (dropped .0, overlimits 0 .requeues 0) 美容
rate 0bit 0pps. backlog 0b 0p r.equeues 0<性病>
[root@Test1 ~]# tc -s -.d class show .dev eth0 电子
class htb 1:1 root rate. 80000bit ceil 80000bit burst 1609b/8. mpu 0b overh.ead 0b cburst 1609b/8 mpu 0b overhead 0b level 7 杀毒
Sent 0 bytes 0 pkt (dropped 0, .overli.mits 0 requeues 0).
rate 0bit 0pps. backlog 0b 0p re.queues 0教育
lend.ed: 0 borrowed: .0 giants: 0--------------彩票
tok.ens:. 157226 ctokens: 157226.
class htb 1:30 parent 1.:1 prio 1 qua.ntum 100.0 rate 800.00bit ceil 80000bit burst 1609b/8 mpu 0b overhead 0b cburst 1609b/8 mpu 0b overhead 0b level 0虚拟主机
S.ent 0 bytes 0 pkt (dropped 0, overlimits 0. requeues 0).
rate 0bit 0pps backlog 0b 0p requeu..es 0电脑
lende.d: 0 b.orrowed: 0 giants: 0投资
tokens: 157226 cto.k.ens: 157226.
[root@Test1 ~]# tc. .-s class show dev eth0 婚庆
class htb 1:1 root rate 80000bit c..eil 80000bit burst 1609b cburst 1609b教育
Sent 0 bytes 0 pkt (d.ropped 0, overl.imits 0 requeues 0)电脑
rate .0bit 0pps backlog .0b 0p requeues 0电影
lended:. 0 borrowed: 0 giants:. 0.
tokens:. 1572.26 ctokens: 157226 健康
class htb 1:30 parent 1:1 prio 1 r.ate 80000bit ceil .80000bit burst 1609b cb.urst 1609b.
Sent 0 by.tes 0 pkt (dropped 0, overlim.its 0 requeues 0) 外汇
rat.e 0bit 0.pps backlog 0b 0p requeues 0电影
lend.ed: 0 borrowed.: 0 giants: 0电影
tokens: 15722.6 ctokens: 1.57226( 游戏 )
[root@Test1 ~]# .ipt.ables-save.
# Ge.nerated by iptables-save v1.4.0 on Thu Aug 13 17:23:47. 2009 汽车
*mangle
:PREROUTING ACCEPT [157093:1.03137.698] 女人
:INPUT. ACCEPT [59340:316543.52] 女人
:FORWARD ACCE.PT [.97753:71483346]健康
:OUTPUT A.CCEPT [59440:3161440.9]服务器
:POSTROUTIN.G ACCEPT [15.7193:103097755].
-A PREROUTING -s 192.168.1.99/32 .-p tcp -j. RETURN 杀毒
-A PREROUTING -s 192.16.8.1.99/32 -p tcp -j .MARK --set-mark 0x1 健康
-A OUTPUT -s. 192.168..1.99/32 -p tcp -j MARK --set-mark 0x1 电子
-A OUTPUT -s 192.168.1.99/.32 -p tcp -j .RETURN.
COMMIT
# Com.pleted on Thu Aug 13 17:23.:47 2009 乙肝
# Gene.rated by iptables-save v1.4.0 on Thu Aug 13 17:23:47 .2009投资
*filter
:INPUT ACCEPT [5982.7:31712507]..
:FORWARD ACCE.PT [99152:7.2399484] 鲜花
:OUTPUT ACCEPT [596.78:31.654964]服务器
COMMIT
# Com.pleted o.n Thu Aug 13 17:23:47 2009 美容
# Generated by ip.tables-s.ave v1.4.0 on Thu Aug 13 17:23:47 2009.
*nat
:.PREROUTING ACCEPT .[3156:237023]虚拟主机
:POSTROUTING ACCEPT [872.:529.00].
:.O.UTPUT ACCEPT [1744:105284] 外汇
-A .PREROUTING -s 192..168.1.0/24 -.i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080.
-A POSTROUTING -o eth0 -j MASQUERAD..E 婚庆
COMMIT
# Completed on Th.u A.ug 13 17:23:47 2009虚拟主机
[ 本帖最后由 se.tsuna 于 2009.-8-13 19:03 编辑 ] 汽车
