linux:bardziej_skomplikowany_skrypt

#!/bin/bash
E0=eth0
#Czyszczenie
tc qdisc del dev $E0 root 2> /dev/null

tc qdisc add dev $E0 handle 1: root htb default 14

tc class add dev $E0 classid 1:1 parent 1: htb rate 250kbit ceil 250kbit
tc class add dev $E0 classid 1:10 parent 1:1 htb rate 100kbit ceil 250kbit prio 2
tc class add dev $E0 classid 1:11 parent 1:1 htb rate 50kbit ceil 250kbit prio 2
tc class add dev $E0 classid 1:12 parent 1:1 htb rate 50kbit ceil 250kbit prio 1
tc class add dev $E0 classid 1:13 parent 1:1 htb rate 45kbit ceil 250kbit prio 3
tc class add dev $E0 classid 1:14 parent 1:1 htb rate 5kbit ceil 250kbit prio 3

tc qdisc add dev $E0 handle 2: parent 1:10 sfq perturb 3
tc qdisc add dev $E0 handle 3: parent 1:11 sfq perturb 3
tc qdisc add dev $E0 handle 4: parent 1:12 sfq perturb 3
tc qdisc add dev $E0 handle 5: parent 1:13 sfq perturb 3
tc qdisc add dev $E0 handle 6: parent 1:14 sfq perturb 3

#pakiety wychodzace na port 23 TCP
tc filter add dev $E0 protocol ip parent 1: prio 10 u32 \
	match u8 0x05 0x0f at 0 \
	match u8 0x06 0xff at 9 \
	match u16 0x0017 0xffff at 22 \
	flowid 1:10

#pakiety wychodzace na port 5001 TCP (ssh)
tc filter add dev $E0 protocol ip parent 1: prio 10 u32 \
	match u8 0x05 0x0f at 0 \
	match u8 0x06 0xff at 9 \
	match u16 0x1389 0xffff at 22 \
	flowid 1:11

#pakiety wychodzace na port 995 TCP
tc filter add dev $E0 protocol ip parent 1: prio 10 u32 \
	match u8 0x05 0x0f at 0 \
	match u8 0x06 0xff at 9 \
	match u16 0x03e3 0xffff at 22 \
	flowid 1:11

#pakiety wychodzace z portu 995 TCP
tc filter add dev $E0 protocol ip parent 1: prio 10 u32 \
	match u8 0x05 0x0f at 0 \
	match u8 0x06 0xff at 9 \
	match u16 0x03e3 0xffff at 20 \
	flowid 1:11

#pakiety wychodzace z portu 5001 TCP (ssh)
tc filter add dev $E0 protocol ip parent 1: prio 10 u32 \
	match u8 0x05 0x0f at 0 \
	match u8 0x06 0xff at 9 \
	match u16 0x1389 0xffff at 20 \
	flowid 1:11

#pakiety wychodzace na porty 443 80 25 143 993 TCP
for i in 443 80 25 143 993; do 
tc filter add dev $E0 protocol ip parent 1: prio 10 u32 \
	match u8 0x05 0x0f at 0 \
	match u8 0x06 0xff at 9 \
	match u16 `python -c "print hex($i)"` 0xffff at 22 \
	flowid 1:13
done
#pakiety wychodzace na port 53 UDP
tc filter add dev $E0 protocol ip parent 1: prio 10 u32 \
	match u8 0x05 0x0f at 0 \
	match u8 0x11 0xff at 9 \
	match u16 0x0035 0xffff at 22 \
	flowid 1:13

#pakiety wychodzace na port 80 TCP
#tc filter add dev $E0 protocol ip parent 1: prio 10 u32 \
#	match u8 0x05 0x0f at 0 \
#	match u8 <0x06:TCP; 0x11:UDP> 0xff at 9 \
#	match u16 <port w hex> 0xffff at <22:na; 20:z> \
#	flowid 1:11

#potwierdzenia TCP (ACK)
tc filter add dev $E0 protocol ip parent 1: prio 5 u32 \
	match u8 0x05 0x0f at 0 \
	match u8 0x06 0xff at 9 \
	match u8 0x10 0xff at 33 \
	match u16 0x0000 0xffc0 at 1 \
	flowid 1:12