Bash脚本不工作带宽整形

Question

我希望这是一个简单的答案

问题：

1. 我在以下文件夹中放置了名为learn-address.sh的以下bash脚本：

  

vi /etc/openvpn/netem/learn-address.sh

1. 在.conf文件中添加以下（2）行：

script-security 3

learn-address /etc/openvpn/netem/learn-address.sh

1. 并将以下权限应用于学习地址脚本：

chmod 755 /etc/openvpn/netem/learn-address.sh

1. 但是，脚本会更新文件（$ ip.classid和$ ip.dev） 在tmp文件中并正确传递变量

2. 但是bash脚本不执行tc类和过滤器命令（qdisc没有变化）

3. 当用户连接到OpenVPN或者还有其他我遗漏的东西时，我会在脚本上使用什么权限来执行tc类和过滤命令？

   < / LI>

   非常感谢

   脚本名称：learn-address.sh

   #!/bin/bash
   
   statedir=/tmp/
   
   function bwlimit-enable() {
   ip=$1
   user=$2
   dev=eth0
   
   # Disable if already enabled.
   bwlimit-disable $ip
   
   # Find unique classid.
   if [ -f $statedir/$ip.classid ]; then
       # Reuse this IP's classid
       classid=`cat $statedir/$ip.classid`
   else
       if [ -f $statedir/last_classid ]; then
           classid=`cat $statedir/last_classid`
           classid=$((classid+1))
       else
           classid=1
       fi
       echo $classid > $statedir/last_classid
   fi
   
   # Find this user's bandwidth limit
   # downrate: from VPN server to the client
   # uprate: from client to the VPN server
   if [ "$user" == "myuser" ]; then
       downrate=10mbit
       uprate=10mbit
   elif [ "$user" == "anotheruser"]; then
       downrate=2mbit
       uprate=2mbit
   else
       downrate=5mbit
       uprate=5mbit
   fi
   
   # Limit traffic from VPN server to client
   tc class add dev $dev parent 1: classid 1:$classid htb rate $downrate
   tc filter add dev $dev protocol all parent 1:0 prio 1 u32 match ip dst $ip/32 flowid 1:$classid
   
   # Limit traffic from client to VPN server
   tc filter add dev $dev parent ffff: protocol all prio 1 u32 match ip src $ip/32 police rate $uprate burst 80k drop flowid :$classid
   
   # Store classid and dev for further use.
   echo $classid > $statedir/$ip.classid
   echo $dev > $statedir/$ip.dev
   }
   
   function bwlimit-disable() {
   ip=$1
   
   if [ ! -f $statedir/$ip.classid ]; then
       return
   fi
   if [ ! -f $statedir/$ip.dev ]; then
       return
   fi
   
   classid=`cat $statedir/$ip.classid`
   dev=`cat $statedir/$ip.dev`
   
   tc filter del dev $dev protocol all parent 1:0 prio 1 u32 match ip dst $ip/32
   tc class del dev $dev classid 1:$classid
   
   tc filter del dev $dev parent ffff: protocol all prio 1 u32 match ip src $ip/32
   
   # Remove .dev but keep .classid so it can be reused.
   rm $statedir/$ip.dev
   }
   
   # Make sure queueing discipline is enabled.
   tc qdisc add dev $dev root handle 1: htb 2>/dev/null || /bin/true
   tc qdisc add dev $dev handle ffff: ingress 2>/dev/null || /bin/true
   
   case "$1" in
       add|update)
           bwlimit-enable $2 $3
           ;;
       delete)
           bwlimit-disable $2
           ;;
       *)
           echo "$0: unknown operation [$1]" >&2
           exit 1
           ;;
   esac
   
   exit 0
   

Answer 1

此处对tc的调用是在dev定义之前发生的，这是在您解析了函数参数并调用bwlimit-enable或bwlimit-disable之后发生的。看起来你想要移动这两个电话：

# Make sure queueing discipline is enabled.
tc qdisc add dev $dev root handle 1: htb 2>/dev/null || /bin/true
tc qdisc add dev $dev handle ffff: ingress 2>/dev/null || /bin/true

...低于案例陈述。