Iptables + Tc speed limit script for Internet cafes per IP Address

#! /Bin/sh # xiaoh www.linuxbyte.org # define the inbound and outbound devices (eth0 Intranet and eth1 Internet) IDEV = "eth0" odev = "eth1" # define the total up/down bandwidth = "50 Mbit" down = "50 Mbit" # define the up/down bandwidth of each restricted IP address # rate start bandwidth upload = "4 Mbit" Download = "5 Mbit" # Ceil maximum bandwidth mupload = "5 Mbit" mdownload = "10 Mbit" # Intranet IP segment Inet = "192.168.0. "# Restricted IP range, IPS starting IP, and IPE ending IP. IPS = "1" IPE = "114" # Clear the original Nic queue rule TC qdisc del Dev $ odev Root 2>/dev/nulltc qdisc del Dev $ IDEV Root 2>/dev/ null # define the top layer (Root) queue rule, and specify the default category number TC qdisc add Dev $ odev root handle 10: htb default 256tc qdisc add Dev $ IDEV root handle 10: htb default 256 # define the 10:1 class of the first layer (total uplink/downlink bandwidth) TC class add Dev $ odev parent 10: classid 10:1 htb rate $ up Ceil $ uptc class add Dev $ IDEV parent 10: classid 10:1 htb rate $ down Ceil $ down # Start iptables tagging and set specific rules I = $ IPs; while [$ I-Le $ IPE] DOTC class add Dev $ odev parent 10:1 classid $ I htb rate $ upload Ceil $ mupload PRIO 1tc qdisc add Dev $ odev parent $ I handle 100 $ I: pfifotc filter add Dev $ odev parent 10: protocol ip prio 100 handle 2 $ I fw classid $ ITC class add Dev $ IDEV parent 10classid $ I htb rate $ download Ceil $ mdownload PRIO 1tc qdisc add Dev $ IDEV parent $ I handle 100 $ I: pfifotc filter add Dev $ IDEV parent 10: protocol ip prio 100 handle 2 $ I fw classid 10:2 $ iiptables-T mangle-A prerouting-S $ Inet $ I-j mark -- Set-mark 2 $ iiptables-T mangle- prerouting-S $ Inet $ I-j returniptables-T mangle-A postrouting-d $ Inet $ I-j mark -- Set-mark 2 $ iiptables-T mangle-A postrouting-d $ Inet $ I-j returnI = 'expr $ I + 1' done