代理服务器的设置
时间:2006-08-04 来源:liusong
设置基于mac地址的流量控制
查看通过代理服务器上网的计算机的ip和mac地址
more /proc/net/arp
我的代理服务器脚本
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -F
iptables -F -t nat
iptables -X -t nat
iptables -Z -t nat
iptables -F -t mangle
iptables -X -t mangle
iptables -Z -t mangle
#iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j SNAT --to w_ip
iptables -t nat -A POSTROUTING -s 192.168.9.0/24 -o eth0 -j SNAT --to w_ip
#192.168.9.198
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B3:DB:90 -j MARK --set-mark 3
#192.168.9.9
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B4:42:0D -j MARK --set-mark 4
#192.168.9.252
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B3:E7:44 -j MARK --set-mark 5
#192.168.9.10
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B3:C4:68 -j MARK --set-mark 6
#192.168.9.81
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B3:CF:95 -j MARK --set-mark 7
#192.168.9.202
iptables -I PREROUTING -t mangle -m mac --mac-source 00.11.5B.95.17.48 -j MARK --set-mark 8
#
iptables -I PREROUTING -t mangle -m mac --mac-source 00.09.6B.67.68.16 -j MARK --set-mark 9
#192.168.9.53
iptables -I PREROUTING -t mangle -m mac --mac-source 00.0D.87.BD.C4.25 -j MARK --set-mark 10
#192.168.9.222
iptables -I PREROUTING -t mangle -m mac --mac-source 00.11.5B.AB.60.F7 -j MARK --set-mark 11
#192.168.9.34
iptables -I PREROUTING -t mangle -m mac --mac-source 00:0E:A6:7E:4D:CA -j MARK --set-mark 12
#192.168.9.87
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B3:E5:86 -j MARK --set-mark 13
#192.168.9.63
iptables -I PREROUTING -t mangle -m mac --mac-source 00:0C:6E:65:52:3A -j MARK --set-mark 14
#iptables -I PREROUTING -t mangle -p tcp -s 192.168.10.0/24 -j MARK --set-mark 1
#iptables -I PREROUTING -t mangle -p tcp -s 192.168.9.0/24 -j MARK --set-mark 2
#ftp
#iptables -t nat -A PREROUTING -i eth0 -d w_ip -p tcp --dport ftp -j DNAT --to l_ip
#emule
#iptables -t nat -A PREROUTING -i eth0 -d w_ip -p tcp --dport 4665 -j DNAT --to l_ip
#--------------------
#上传流量控制
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 100: cbq bandwidth 10Mbit avpkt 1000
tc class add dev eth0 parent 100:0 classid 100:1 cbq bandwidth 10Mbit rate 10Mbit allot 1514 weight 60Kbit prio 8 maxburst 8 avpkt 1000 bounded
#tc class add dev eth0 parent 100:1 classid 100:2 cbq bandwidth 10Mbit rate 300Kbit allot 1513 weight 30Kbit prio 5 maxburst 8 avpkt 1000 bounded
#tc class add dev eth0 parent 100:1 classid 100:3 cbq bandwidth 10Mbit rate 300Kbit allot 1513 weight 32Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:4 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:5 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:6 cbq bandwidth 10Mbit rate 60Kbit allot 1513 weight 6Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:7 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:8 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:9 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:10 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:11 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:12 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:13 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:14 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:15 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
#tc qdisc add dev eth0 parent 100:2 sfq quantum 1514b perturb 15
#tc qdisc add dev eth0 parent 100:3 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:4 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:5 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:6 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:7 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:8 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:9 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:10 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:11 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:12 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:13 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:14 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:15 sfq quantum 1514b perturb 15
#tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 1 fw classid 100:2
#tc filter add dev eth0 parent 100:0 protocol ip prio 2 handle 2 fw classid 100:3
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 3 fw classid 100:4
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 4 fw classid 100:5
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 5 fw classid 100:6
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 6 fw classid 100:7
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 7 fw classid 100:8
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 8 fw classid 100:9
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 9 fw classid 100:10
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 10 fw classid 100:11
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 11 fw classid 100:12
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 12 fw classid 100:13
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 13 fw classid 100:14
tc filter add dev eth0 parent 100:0 protocol ip prio 2 handle 14 fw classid 100:15
#---------------------------------
#下载流量控制(双网卡方式)
tc qdisc del dev eth2 root
tc qdisc add dev eth2 root handle 200: cbq bandwidth 10Mbit avpkt 1000
tc class add dev eth2 parent 200:0 classid 200:1 cbq bandwidth 10Mbit rate 40000Kbit allot 1514 weight 200Kbit prio 8 maxburst 8 avp
kt 1000 bounded
tc class add dev eth2 parent 200:1 classid 200:2 cbq bandwidth 10Mbit rate 8000Kbit allot 1513 weight 100Kbit prio 5 maxburst 8 avpk
t 1000 bounded
tc qdisc add dev eth2 parent 200:2 sfq quantum 1514b perturb 15
tc filter add dev eth2 parent 200:0 protocol ip prio 25 u32 match ip dst 192.168.9.0/24 flowid 200:2
查看通过代理服务器上网的计算机的ip和mac地址
more /proc/net/arp
我的代理服务器脚本
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -F
iptables -F -t nat
iptables -X -t nat
iptables -Z -t nat
iptables -F -t mangle
iptables -X -t mangle
iptables -Z -t mangle
#iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j SNAT --to w_ip
iptables -t nat -A POSTROUTING -s 192.168.9.0/24 -o eth0 -j SNAT --to w_ip
#192.168.9.198
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B3:DB:90 -j MARK --set-mark 3
#192.168.9.9
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B4:42:0D -j MARK --set-mark 4
#192.168.9.252
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B3:E7:44 -j MARK --set-mark 5
#192.168.9.10
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B3:C4:68 -j MARK --set-mark 6
#192.168.9.81
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B3:CF:95 -j MARK --set-mark 7
#192.168.9.202
iptables -I PREROUTING -t mangle -m mac --mac-source 00.11.5B.95.17.48 -j MARK --set-mark 8
#
iptables -I PREROUTING -t mangle -m mac --mac-source 00.09.6B.67.68.16 -j MARK --set-mark 9
#192.168.9.53
iptables -I PREROUTING -t mangle -m mac --mac-source 00.0D.87.BD.C4.25 -j MARK --set-mark 10
#192.168.9.222
iptables -I PREROUTING -t mangle -m mac --mac-source 00.11.5B.AB.60.F7 -j MARK --set-mark 11
#192.168.9.34
iptables -I PREROUTING -t mangle -m mac --mac-source 00:0E:A6:7E:4D:CA -j MARK --set-mark 12
#192.168.9.87
iptables -I PREROUTING -t mangle -m mac --mac-source 00:11:5B:B3:E5:86 -j MARK --set-mark 13
#192.168.9.63
iptables -I PREROUTING -t mangle -m mac --mac-source 00:0C:6E:65:52:3A -j MARK --set-mark 14
#iptables -I PREROUTING -t mangle -p tcp -s 192.168.10.0/24 -j MARK --set-mark 1
#iptables -I PREROUTING -t mangle -p tcp -s 192.168.9.0/24 -j MARK --set-mark 2
#ftp
#iptables -t nat -A PREROUTING -i eth0 -d w_ip -p tcp --dport ftp -j DNAT --to l_ip
#emule
#iptables -t nat -A PREROUTING -i eth0 -d w_ip -p tcp --dport 4665 -j DNAT --to l_ip
#--------------------
#上传流量控制
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 100: cbq bandwidth 10Mbit avpkt 1000
tc class add dev eth0 parent 100:0 classid 100:1 cbq bandwidth 10Mbit rate 10Mbit allot 1514 weight 60Kbit prio 8 maxburst 8 avpkt 1000 bounded
#tc class add dev eth0 parent 100:1 classid 100:2 cbq bandwidth 10Mbit rate 300Kbit allot 1513 weight 30Kbit prio 5 maxburst 8 avpkt 1000 bounded
#tc class add dev eth0 parent 100:1 classid 100:3 cbq bandwidth 10Mbit rate 300Kbit allot 1513 weight 32Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:4 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:5 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:6 cbq bandwidth 10Mbit rate 60Kbit allot 1513 weight 6Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:7 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:8 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:9 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:10 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:11 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:12 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:13 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:14 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
tc class add dev eth0 parent 100:1 classid 100:15 cbq bandwidth 10Mbit rate 30Kbit allot 1513 weight 3Kbit prio 6 maxburst 8 avpkt 1000 bounded
#tc qdisc add dev eth0 parent 100:2 sfq quantum 1514b perturb 15
#tc qdisc add dev eth0 parent 100:3 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:4 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:5 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:6 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:7 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:8 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:9 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:10 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:11 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:12 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:13 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:14 sfq quantum 1514b perturb 15
tc qdisc add dev eth0 parent 100:15 sfq quantum 1514b perturb 15
#tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 1 fw classid 100:2
#tc filter add dev eth0 parent 100:0 protocol ip prio 2 handle 2 fw classid 100:3
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 3 fw classid 100:4
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 4 fw classid 100:5
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 5 fw classid 100:6
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 6 fw classid 100:7
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 7 fw classid 100:8
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 8 fw classid 100:9
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 9 fw classid 100:10
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 10 fw classid 100:11
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 11 fw classid 100:12
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 12 fw classid 100:13
tc filter add dev eth0 parent 100:0 protocol ip prio 1 handle 13 fw classid 100:14
tc filter add dev eth0 parent 100:0 protocol ip prio 2 handle 14 fw classid 100:15
#---------------------------------
#下载流量控制(双网卡方式)
tc qdisc del dev eth2 root
tc qdisc add dev eth2 root handle 200: cbq bandwidth 10Mbit avpkt 1000
tc class add dev eth2 parent 200:0 classid 200:1 cbq bandwidth 10Mbit rate 40000Kbit allot 1514 weight 200Kbit prio 8 maxburst 8 avp
kt 1000 bounded
tc class add dev eth2 parent 200:1 classid 200:2 cbq bandwidth 10Mbit rate 8000Kbit allot 1513 weight 100Kbit prio 5 maxburst 8 avpk
t 1000 bounded
tc qdisc add dev eth2 parent 200:2 sfq quantum 1514b perturb 15
tc filter add dev eth2 parent 200:0 protocol ip prio 25 u32 match ip dst 192.168.9.0/24 flowid 200:2
相关阅读 更多 +
