Bash脚本不工作带宽整形

时间:2016-05-21 20:15:25

标签: bash bandwidth openvpn

我希望这是一个简单的答案

问题:

  1. 我在以下文件夹中放置了名为learn-address.sh的以下bash脚本:
  2.   

    vi /etc/openvpn/netem/learn-address.sh

    1. 在.conf文件中添加以下(2)行:
    2. script-security 3
      
      learn-address /etc/openvpn/netem/learn-address.sh
      
      1. 并将以下权限应用于学习地址脚本:
      2. chmod 755 /etc/openvpn/netem/learn-address.sh
        
        1. 但是,脚本会更新文件($ ip.classid和$ ip.dev) 在tmp文件中并正确传递变量

        2. 但是bash脚本不执行tc类和过滤器命令(qdisc没有变化)

        3. 当用户连接到OpenVPN或者还有其他我遗漏的东西时,我会在脚本上使用什么权限来执行tc类和过滤命令?

          < / LI>

          非常感谢

          脚本名称:learn-address.sh

          #!/bin/bash
          
          statedir=/tmp/
          
          function bwlimit-enable() {
          ip=$1
          user=$2
          dev=eth0
          
          # Disable if already enabled.
          bwlimit-disable $ip
          
          # Find unique classid.
          if [ -f $statedir/$ip.classid ]; then
              # Reuse this IP's classid
              classid=`cat $statedir/$ip.classid`
          else
              if [ -f $statedir/last_classid ]; then
                  classid=`cat $statedir/last_classid`
                  classid=$((classid+1))
              else
                  classid=1
              fi
              echo $classid > $statedir/last_classid
          fi
          
          # Find this user's bandwidth limit
          # downrate: from VPN server to the client
          # uprate: from client to the VPN server
          if [ "$user" == "myuser" ]; then
              downrate=10mbit
              uprate=10mbit
          elif [ "$user" == "anotheruser"]; then
              downrate=2mbit
              uprate=2mbit
          else
              downrate=5mbit
              uprate=5mbit
          fi
          
          # Limit traffic from VPN server to client
          tc class add dev $dev parent 1: classid 1:$classid htb rate $downrate
          tc filter add dev $dev protocol all parent 1:0 prio 1 u32 match ip dst $ip/32 flowid 1:$classid
          
          # Limit traffic from client to VPN server
          tc filter add dev $dev parent ffff: protocol all prio 1 u32 match ip src $ip/32 police rate $uprate burst 80k drop flowid :$classid
          
          # Store classid and dev for further use.
          echo $classid > $statedir/$ip.classid
          echo $dev > $statedir/$ip.dev
          }
          
          function bwlimit-disable() {
          ip=$1
          
          if [ ! -f $statedir/$ip.classid ]; then
              return
          fi
          if [ ! -f $statedir/$ip.dev ]; then
              return
          fi
          
          classid=`cat $statedir/$ip.classid`
          dev=`cat $statedir/$ip.dev`
          
          tc filter del dev $dev protocol all parent 1:0 prio 1 u32 match ip dst $ip/32
          tc class del dev $dev classid 1:$classid
          
          tc filter del dev $dev parent ffff: protocol all prio 1 u32 match ip src $ip/32
          
          # Remove .dev but keep .classid so it can be reused.
          rm $statedir/$ip.dev
          }
          
          # Make sure queueing discipline is enabled.
          tc qdisc add dev $dev root handle 1: htb 2>/dev/null || /bin/true
          tc qdisc add dev $dev handle ffff: ingress 2>/dev/null || /bin/true
          
          case "$1" in
              add|update)
                  bwlimit-enable $2 $3
                  ;;
              delete)
                  bwlimit-disable $2
                  ;;
              *)
                  echo "$0: unknown operation [$1]" >&2
                  exit 1
                  ;;
          esac
          
          exit 0
          

1 个答案:

答案 0 :(得分:0)

此处对tc的调用是在dev定义之前发生的,这是在您解析了函数参数并调用bwlimit-enablebwlimit-disable之后发生的。看起来你想要移动这两个电话:

# Make sure queueing discipline is enabled.
tc qdisc add dev $dev root handle 1: htb 2>/dev/null || /bin/true
tc qdisc add dev $dev handle ffff: ingress 2>/dev/null || /bin/true

...低于案例陈述。