#!/bin/sh
#
# Script by Ron Senykoff 2005
#####################################
############ VARIABLES ##############
#                                   #
e=eth0 # interface
nonVoipRate=150kbps # throttle for nonVoip - make sure to keep is slow enough
citrix=60kbps
video=110kbps
sametime=5kbps
bulk=10kbps

COLO1="x.x.x.x" # substitute IPs here
COLO2="x.x.x.x"
SAMETIME="x.x.x.x"
#                                   #
#####################################
#####################################

# Delete any old rules #
tc qdisc del root dev $e

#ifconfig $e txqueuelen 10
# root qdisc /  qdisc = queueing discipline #
tc qdisc add dev $e root handle 1: prio bands 2 priomap 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
# creates classes 1:1 and 1:2

# put a pfifo on so we can see it at the console
tc qdisc add dev $e parent 1:1 handle 11: pfifo

# on the second band of the prio we but an htb to keep
# the rest of the traffic from ever overrunning the link
# any traffic not caught by our filters goes to the bulk category
tc qdisc add dev $e parent 1:2 handle 10: htb default 40
tc class add dev $e parent 10: classid 10:1 htb rate $nonVoipRate

# define the inner classes of the htb - prioritized from 10 - 40
tc class add dev $e parent 10:1 classid 10:10 htb rate $citrix ceil $nonVoipRate quantum 1500
tc class add dev $e parent 10:1 classid 10:20 htb rate $video ceil $nonVoipRate
tc class add dev $e parent 10:1 classid 10:30 htb rate $sametime ceil $nonVoipRate quantum 1500
tc class add dev $e parent 10:1 classid 10:40 htb rate $bulk ceil $nonVoipRate quantum 1500

# add queues onto the htb classes
# default is pfifo - but this lets us see it with tc -s qdisc show dev eth0
tc qdisc add dev $e parent 10:10 handle 100: pfifo limit 50
tc qdisc add dev $e parent 10:20 handle 200: pfifo limit 10
tc qdisc add dev $e parent 10:30 handle 300: pfifo limit 10
# fair queuing on the bulk traffic
tc qdisc add dev $e parent 10:40 handle 400: sfq perturb 10

#####################################
############### VoIP ################
#                                   #

# IAX # this is the old format - IAX2 should be what's really seen going on
tc filter add dev $e protocol ip parent 1: prio 1 u32 match ip sport 5036 0xffff flowid 1:1
tc filter add dev $e protocol ip parent 1: prio 1 u32 match ip dport 5036 0xffff flowid 1:1

# IAX2 #
tc filter add dev $e protocol ip parent 1: prio 1 u32 match ip sport 4569 0xffff flowid 1:1
tc filter add dev $e protocol ip parent 1: prio 1 u32 match ip dport 4569 0xffff flowid 1:1

# match icmp echo request
#tc filter add dev $e protocol ip parent 1: prio 1 u32 match ip icmp_type 0x08 0xff flowid 1:1

# match icmp echo reply
#tc filter add dev $e protocol ip parent 1: prio 1 u32 match ip icmp_type 0x00 0xff flowid 1:1

######################################
# forward the rest to second priority#
tc filter add dev $e protocol ip parent 1: prio 2 u32 match ip src 0.0.0.0/0 flowid 1:2
tc filter add dev $e protocol ip parent 1: prio 2 u32 match ip dst 0.0.0.0/0 flowid 1:2

#####################################################
#### Classify band 2 of the priority queue ##########
#####################################################
##                                                 ##
##                                                 ##

#####################################
############### Citrix ##############
#                                   #

# SSH #
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 22 0xffff flowid 10:10
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 22 0xffff flowid 10:10

# CITRIX/ICA #
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 1494 0xffff flowid 10:10
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 1494 0xffff flowid 10:10

# CITRIX Metaframe #
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip src $CONNECTRIA1/32 flowid 10:10
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dst $CONNECTRIA1/32 flowid 10:10

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip src $CONNECTRIA2/32 flowid 10:10
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dst $CONNECTRIA2/32 flowid 10:10

#####################################
############### Video ###############
#                                   #

### Fixme - use better masks on the h323 ports to reduce the number of lines needed - should be faster

# H323 #
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 1720 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 1720 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 15328 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 15328 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 15329 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 15329 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 15330 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 15330 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 15331 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 15331 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 15332 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 15332 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3230 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3230 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3231 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3231 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3232 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3232 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3233 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3233 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3234 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3234 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3235 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3235 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3236 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3236 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3237 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3237 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3238 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3238 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3239 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3239 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3240 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3240 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3241 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3241 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3242 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3242 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3243 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3243 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3244 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3244 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3245 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3245 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3246 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3246 0xffff flowid 10:20

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip sport 3247 0xffff flowid 10:20
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dport 3247 0xffff flowid 10:20

#####################################
############ Sametime ###############
#                                   #

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip src $SAMETIME/32 flowid 10:30
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dst $SAMETIME/32 flowid 10:30

#####################################
######### Bulk / Default ############
#                                   #

tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip src 0.0.0.0/0 flowid 10:40
tc filter add dev $e protocol ip parent 10: prio 1 u32 match ip dst 0.0.0.0/0 flowid 10:40