linux_iptables_captive_portal_traffic_shaping_scripts_portalshaper
Differences
This shows you the differences between two versions of the page.
|
linux_iptables_captive_portal_traffic_shaping_scripts_portalshaper [2018/12/06 20:17] abeverley created |
linux_iptables_captive_portal_traffic_shaping_scripts_portalshaper [2018/12/06 20:18] (current) abeverley |
||
|---|---|---|---|
| Line 29: | Line 29: | ||
| ^Bit ^24-27 ^20-23 ^16-19 ^12-15 ^8-11^4-7^0-3^ | ^Bit ^24-27 ^20-23 ^16-19 ^12-15 ^8-11^4-7^0-3^ | ||
| - | |<html><strong></html>Use<html></strong></html> |Set by Squid to prevent packets to local-net being re-routed incorrectly|Bit 20 is set to "1" if the user is unauthorised (captive portal)|Used by load balancing to specify the interface|Traffic type. Used for traffic shaping| | + | |Use |Set by Squid to prevent packets to local-net being re-routed incorrectly|Bit 20 is set to "1" if the user is unauthorised (captive portal)|Used by load balancing to specify the interface|Traffic type. Used for traffic shaping| |
| ===== Bash scripts for tc and iptables ===== | ===== Bash scripts for tc and iptables ===== | ||
| Line 117: | Line 117: | ||
| The internet facing interfaces all have their own root qdisc applied. Ingress shaping is done using egress shaping on the local network interface. Because all the traffic passes through the one interface, multiple layers of classes are used, which use the full mark value (both the interface value and the traffic type value) to filter the traffic. An example for the local network is as follows: | The internet facing interfaces all have their own root qdisc applied. Ingress shaping is done using egress shaping on the local network interface. Because all the traffic passes through the one interface, multiple layers of classes are used, which use the full mark value (both the interface value and the traffic type value) to filter the traffic. An example for the local network is as follows: | ||
| - | <html><code></html> | ||
| <code> | <code> | ||
| Line 133: | Line 132: | ||
| 1:6662 < 380000bit - 3800Kbit > 721.9 kbit/s ( 62pps) | 1:6662 < 380000bit - 3800Kbit > 721.9 kbit/s ( 62pps) | ||
| </code> | </code> | ||
| - | <html></code></html> | + | |
| Full details of the HTB rules are contained at [[Fair_traffic_shaping_an_ADSL_line_for_a_local_network_using_Linux|this page]]. It should be noted that a "flow hash keys" rule is used to split the bandwidth in classes evenly per client IP address rather than connection stream. | Full details of the HTB rules are contained at [[Fair_traffic_shaping_an_ADSL_line_for_a_local_network_using_Linux|this page]]. It should be noted that a "flow hash keys" rule is used to split the bandwidth in classes evenly per client IP address rather than connection stream. | ||
| Line 198: | Line 197: | ||
| The final rules pull the above rules together and specify the location of the splash page: | The final rules pull the above rules together and specify the location of the splash page: | ||
| - | <html><code></html> | ||
| <code> | <code> | ||
| Line 204: | Line 202: | ||
| http_access deny session_day !session_is_active !images | http_access deny session_day !session_is_active !images | ||
| </code> | </code> | ||
| - | <html></code></html> | + | |
| You will notice that there is no rule to "login" the client IP address. This is achieved in the PHP script of the splash page, which shells out to the same external session helper and "logs in" the client IP address. The reason for this is to ensure that a user actually clicks on the "continue" button themself, otherwise things such as automatic downloads force the disappearance of the splash page. | You will notice that there is no rule to "login" the client IP address. This is achieved in the PHP script of the splash page, which shells out to the same external session helper and "logs in" the client IP address. The reason for this is to ensure that a user actually clicks on the "continue" button themself, otherwise things such as automatic downloads force the disappearance of the splash page. | ||
linux_iptables_captive_portal_traffic_shaping_scripts_portalshaper.txt ยท Last modified: 2018/12/06 20:18 by abeverley
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
