#!/bin/sh

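#
# Decide which action to perform
#
# Start from an empty value so that an "action" variable inherited from the
# caller's environment can never select an operation on its own.
action=
case "${1:-}" in
  start | stop | status) action=${1} ;;
esac

# The shebang is /bin/sh, so use the POSIX "[" test. The bash-only "[[" is not
# available in every /bin/sh; where it is missing this guard fails and the
# script carries on into the code that rewrites tc and iptables state.
if [ -z "${action}" ]; then
  echo "Traffic-Shaper runs only these commands: start, stop, status" >&2
  exit 1
fi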

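#
# Status requested: print tc and iptables counters for wan, then leave
#
# The expansion is quoted so that an empty value still yields a valid test
# expression instead of a "[" syntax error.
if [ "${action}" = "status" ]; then
  for section in qdisc class filter; do
    echo "[${section}]"
    tc -s "${section}" show dev wan
    echo ""
  done

  echo "[iptables]"
  # stderr is discarded, so a missing wanshaper chain prints nothing here.
  # The bare "exit" below hands this command's status back to the caller.
  iptables -t mangle --list wanshaper -vn -x 2> /dev/null
  exit
fi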

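# Best-effort teardown, executed for both "stop" and "start": remove the root
# qdisc on wan, unhook the wanshaper chain from FORWARD and OUTPUT, then flush
# and delete it. Errors are discarded on purpose because none of these objects
# exist on a first run.
# NOTE(review): the same redirection also hides real failures (for example
# insufficient privileges), so "stop" reports success unconditionally.
tc qdisc del dev wan root 2> /dev/null
iptables -t mangle -D FORWARD -o wan -j wanshaper 2> /dev/null
iptables -t mangle -D OUTPUT -o wan -j wanshaper 2> /dev/null
iptables -t mangle -F wanshaper 2> /dev/null
iptables -t mangle -X wanshaper 2> /dev/null

#
# Stop requested: the teardown above is all there is to do
#
# Quoted so that an empty value cannot break the test expression.
if [ "${action}" = "stop" ]; then
  echo "Shaping stopped on wan."
  exit
fi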

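# Create the dedicated mangle chain and route everything that leaves through
# wan (forwarded and locally generated) into it.
# If the chain cannot be created, stop here: every later rule would fail too
# and the script would still end by announcing that QoS was started.
if ! iptables -t mangle -N wanshaper; then
  echo "Traffic-Shaper: cannot create mangle chain wanshaper" >&2
  exit 1
fi
iptables -t mangle -A FORWARD -o wan -j wanshaper
iptables -t mangle -A OUTPUT -o wan -j wanshaper

# NOTE(review): MARK does not end chain traversal, so a packet keeps the mark
# of the LAST rule it matches. A SYN to port 80, for example, is marked 1 and
# then re-marked 3 below. Confirm that this ordering is the intended policy.
# NOTE(review): every criterion used here (port, protocol, length, TOS) is
# chosen by the sending host, so any client can place its own traffic in the
# top class; all ICMP and all non-TCP traffic land there unconditionally.

# Priority 1
# --------------------------------------------------------------------------
# SYN packets
iptables -t mangle -A wanshaper -p tcp --syn -j MARK --set-mark 1

# ICMP packets
iptables -t mangle -A wanshaper -p icmp -j MARK --set-mark 1

# SSH
iptables -t mangle -A wanshaper -p tcp --dport 22 -j MARK --set-mark 1

# Everything that is not TCP
# The negation goes in front of the option; the older "-p ! tcp" spelling is
# deprecated in iptables.
iptables -t mangle -A wanshaper ! -p tcp -j MARK --set-mark 1

# Priority 2
# (no explicit rules; mark 2 is only assigned by the TOS rule further down)

# Priority 3
# --------------------------------------------------------------------------
# HTTP
iptables -t mangle -A wanshaper -p tcp --dport 80 -j MARK --set-mark 3

# HTTPS
iptables -t mangle -A wanshaper -p tcp --dport 443 -j MARK --set-mark 3

# SMTP
iptables -t mangle -A wanshaper -p tcp --dport 25 -j MARK --set-mark 3

# Priority 4
# TCP packets of 1024 bytes or more
iptables -t mangle -A wanshaper -p tcp -m length --length 1024: -j MARK --set-mark 4

# Remaining packets are marked according to TOS
# "--mark 0" restricts these rules to TCP packets that are still unmarked.
iptables -t mangle -A wanshaper -p tcp -m tos --tos Minimize-Delay -m mark --mark 0 -j MARK --set-mark 1
iptables -t mangle -A wanshaper -p tcp -m tos --tos Maximize-Throughput -m mark --mark 0 -j MARK --set-mark 2
iptables -t mangle -A wanshaper -p tcp -m tos --tos Minimize-Cost -m mark --mark 0 -j MARK --set-mark 3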

# HTB tree on wan: root qdisc 1:0, one parent class 1:1, four leaf classes
# 1:101..1:104. Traffic that no filter classifies uses class 1:103 (default).
tc qdisc add dev wan root handle 1:0 htb default 103 r2q 1
tc class add dev wan parent 1:0 classid 1:1 htb rate 400kbit burst 440kbit

# Leaf classes: guaranteed rate differs per class, all may borrow up to the
# shared 400kbit ceiling.
leaf_prio=0
for leaf_rate in 200kbit 100kbit 64kbit 36kbit; do
  tc class add dev wan parent 1:1 classid "1:10$((leaf_prio + 1))" htb prio "${leaf_prio}" rate "${leaf_rate}" ceil 400kbit
  leaf_prio=$((leaf_prio + 1))
done

# fw filters: firewall mark N selects leaf class 1:10N.
for fw_mark in 1 2 3 4; do
  tc filter add dev wan parent 1:0 protocol ip prio "$((fw_mark - 1))" handle "${fw_mark}" fw classid "1:10${fw_mark}"
done

# Each leaf gets its own SFQ qdisc.
for leaf_id in 101 102 103 104; do
  tc qdisc add dev wan parent "1:${leaf_id}" sfq perturb 16
done

echo "QoS started on wan."