Psst.. new poll here.
Psst.. new forums here.
Microsoft is blocking us again (TY IP Reputation!) so just use oauth login instead. :)
Paste
Pasted as Bash by Demiurg ( 16 years ago )
#! /bin/sh
#Интерфейсы
IFOUT1=ppp0 #
IPOUT1=`ifconfig ${IFOUT1}|grep "inet addr"|awk '{print $2}'|cut -d ':' -f 2`
GW1=`ifconfig ${IFOUT1}|grep "inet addr"|awk '{print $3}'|cut -d ':' -f 2`
#LOCALNET=10.1.0.0/16 # Local network
IFOUT2=ppp1 #
IPOUT2=`ifconfig ${IFOUT2}|grep "inet addr"|awk '{print $2}'|cut -d ':' -f 2`
GW2=`ifconfig ${IFOUT2}|grep "inet addr"|awk '{print $3}'|cut -d ':' -f 2`
#LOCALNET2=192.168.0.0/16 # Local network
#IFOUT3=ppp2 #
#IPOUT3=`ifconfig ${IFOUT3}|grep "inet addr"|awk '{print $2}'|cut -d ':' -f 2`
#GW3=`ifconfig ${IFOUT3}|grep "inet addr"|awk '{print $3}'|cut -d ':' -f 2`
#LOCALNET3=192.168.0.0/16 # Local network
#Включаем IP фарвординг
echo 1 > /proc/sys/net/ipv4/ip_forward
#Assign a default route to each table to send data out the related Interface [C]
ip route flush table T1
ip route add table T1 default via $GW1 dev $IFOUT1
ip route flush table T2
ip route add table T2 default via $GW2 dev $IFOUT2
#ip route flush table T3
#ip route add table T3 default via $GW3 dev $IFOUT3
#Clear out old rules
ip rule show | grep -Ev '^(0|32766|32767):|iif lo'
| while read PRIO NATRULE; do
ip rule del prio ${PRIO%%:*} $( echo $NATRULE | sed 's|all|0/0|' )
done
#We will fling packets based on the mark on Packet (this is the RPDB) [B]
ip rule add fwmark 101 table T1
ip rule add fwmark 102 table T2
#ip rule add fwmark 103 table T3
#Now we simply mark the packets we want with the mark to the interface [A]
#iptables -F PREROUTING -t mangle
iptables -I PREROUTING 1 -t mangle -m conntrack --ctorigdst $IPOUT1 -j MARK --set-mark 100 -m mark --mark 0
iptables -I PREROUTING 1 -t mangle -m conntrack --ctorigdst $IPOUT2 -j MARK --set-mark 102 -m mark --mark 0
#iptables -I PREROUTING 1 -t mangle -m conntrack --ctorigdst $IPOUT3 -j MARK --set-mark 103 -m mark --mark 0
#Assign multipath routes to each table, preferencing a particular interface
ip route flush table Equalize
ip route add table Equalize equalize default nexthop via $GW1 weight 1 nexthop via $GW2 weight 1 #nexthop via $GW3 weight 1
ip route flush table Pref1
ip route add table Pref1 default nexthop via $GW1 weight 100 nexthop via $GW2 weight 1 #nexthop via $GW3 weight 2
ip route flush table Pref2
ip route add table Pref2 default nexthop via $GW1 weight 2 nexthop via $GW2 weight 100 #nexthop via $GW3 weight 1
#ip route flush table Pref3
#ip route add table Pref3 default nexthop via $GW1 weight 1 nexthop via $GW2 weight 2 nexthop via $GW3 weight 100
#Add the rules matching marks to lookup tables
ip rule add fwmark 200 table Equalize
ip rule add fwmark 201 table Pref1
ip rule add fwmark 202 table Pref2
#ip rule add fwmark 203 table Pref3
#mark all packets send out an interface with the proper interface preference mark (if it's been equalized)
iptables -I POSTROUTING 1 -t mangle -o $IFOUT1 -j MARK --set-mark 201 -m mark --mark 200
iptables -I POSTROUTING 1 -t mangle -o $IFOUT2 -j MARK --set-mark 202 -m mark --mark 200
#iptables -I POSTROUTING 1 -t mangle -o $IFOUT3 -j MARK --set-mark 203 -m mark --mark 200
#the last line in POSTROUTING is the magic statement that stores the mark associated with the connection.
#iptables -A POSTROUTING -t mangle -j CONNMARK --save-mark
#ip route flush cache
#first line in PREROUTING will pull out the existing mark on the connection for the packet
#iptables -I PREROUTING 1 -t mangle -i eth1 -j CONNMARK --restore-mark
#Equalize HTTP Traffic with mark 201
#iptables -A PREROUTING -t mangle -p tcp --dport 80 -i eth1 -j MARK --set-mark 200 -m mark --mark 0
Revise this Paste
Parent: 16405
Children: 16409