[./gestion/gen_confs/firewall.py] Merge des changements effectués dans ./gestion/firewall.py
darcs-hash:20090329173235-8fbb1-94791d5a63effec2fad617ae4cf162a9ab0a5b39.gz
This commit is contained in:
Olivier Huber
parent
7e1a4bb1fe
commit
a6d4730055
1 changed files with 19 additions and 0 deletions
|
|
@ -617,6 +617,25 @@ class firewall_komaz(firewall_crans) :
|
||||||
iptables("-t mangle -A SUBNET-%(subnet)s -o ens -s %(ip)s "
|
iptables("-t mangle -A SUBNET-%(subnet)s -o ens -s %(ip)s "
|
||||||
"-j CLASSIFY --set-class 1:%(class_id)s" % locals())
|
"-j CLASSIFY --set-class 1:%(class_id)s" % locals())
|
||||||
|
|
||||||
|
# +-----------------+
|
||||||
|
# | QOS pour le ftp |
|
||||||
|
# +-----------------+
|
||||||
|
|
||||||
|
# On ne veut pas que les gens à l'éxtérieur bouffe toute la
|
||||||
|
# bande passante.
|
||||||
|
|
||||||
|
# Classification des paquets à destination du ftp
|
||||||
|
iptables("-t mangle -A POSTROUTING -o %(eth_int)s --destination 136.231.136.10 --destination-port 21 "
|
||||||
|
"-j CLASSIFY --set-class 1:9997" % locals())
|
||||||
|
|
||||||
|
debit_ftp = 12000
|
||||||
|
# Restriction
|
||||||
|
for interface in [self.eth_ext, self.eth_int]:
|
||||||
|
tc("class add dev %(interface)s parent 1:1 classid 1:9997 "
|
||||||
|
"htb rate %(debit_ftp)s ceil %(debit_ftp)s" % locals())
|
||||||
|
tc("qdisc add dev %(interface)s parent 1:9997 "
|
||||||
|
"handle %(qdisc_id)d: sfq perturb 10" % locals())
|
||||||
|
|
||||||
self.anim.reinit()
|
self.anim.reinit()
|
||||||
print OK
|
print OK
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue