"\t\tip $operator $ipaddr limit rate over $rate $unit/second drop\n"
}
+# qosdef_append_rule_{MATCH}_{STATEMENT}
+qosdef_append_rule_mac_limit() { # <macaddr> <operator> <unit> <rate>
+ local macaddr=$1
+ local operator=$2
+ local unit=$3
+ local rate=$4
+
+ qosdef_appendx \
+ "\t\tether $operator $macaddr limit rate over $rate $unit/second drop\n"
+}
+
# qosdef_append_rule_{MATCH}_{POLICY}
qosdef_append_rule_ip_policy() { # <operator> <ipaddr> <policy>
qosdef_appendx "\t\tip $1 $2 $3\n"
--- /dev/null
+#!/bin/sh
+# based on static.sh
+# Copyright (C) 2020 Tong Zhang<ztong0001@gmail.com>
+#
+
+. /lib/nft-qos/core.sh
+
+qosdef_validate_mac() {
+ uci_load_validate nft-qos default "$1" "$2" \
+ 'limit_mac_enable:bool:0'
+}
+
+# append rule for mac qos
+qosdef_append_rule_mac() { # <section> <operator>
+ local macaddr unit rate
+ local operator=$2
+
+ config_get macaddr $1 macaddr
+ if [ "$operator" = "saddr" ]; then
+ config_get unit $1 urunit
+ config_get rate $1 urate
+ else
+ config_get unit $1 drunit
+ config_get rate $1 drate
+ fi
+
+ [ -z "$macaddr" ] && return
+
+ qosdef_append_rule_mac_limit $macaddr $operator $unit $rate
+}
+
+# append chain for mac qos
+qosdef_append_chain_mac() { # <hook> <name> <section>
+ local hook=$1 name=$2
+ local config=$3 operator
+
+ case "$name" in
+ download) operator="daddr";;
+ upload) operator="saddr";;
+ esac
+
+ qosdef_appendx "\tchain $name {\n"
+ qosdef_append_chain_def filter $hook 0 accept
+ config_foreach qosdef_append_rule_mac $config $operator
+ qosdef_appendx "\t}\n"
+}
+
+qosdef_flush_mac() {
+ if [ -n "$NFT_QOS_HAS_BRIDGE" ]; then
+ qosdef_flush_table bridge nft-qos-mac
+ else
+ qosdef_flush_table "$NFT_QOS_INET_FAMILY" nft-qos-mac
+ fi
+}
+
+# limit rate by mac address init
+qosdef_init_mac() {
+ local hook_ul="prerouting" hook_dl="postrouting"
+
+ [ "$2" = 0 ] || {
+ logger -t nft-qos-mac "validation failed"
+ return 1
+ }
+
+ [ $limit_mac_enable -eq 0 ] && return 1
+
+ table_name=$NFT_QOS_INET_FAMILY
+ if [ -z "$NFT_QOS_HAS_BRIDGE" ]; then
+ hook_ul="postrouting"
+ hook_dl="prerouting"
+ else
+ table_name="bridge"
+ fi
+
+ qosdef_appendx "table $table_name nft-qos-mac {\n"
+ qosdef_append_chain_mac $hook_ul upload client
+ qosdef_append_chain_mac $hook_dl download client
+ qosdef_appendx "}\n"
+}
# list limit_whitelist '192.168.1.0/24'
# list limit_whitelist 'ABCD:CDEF::1/64'
+ # Option for Mac address based traffic control
+ option limit_mac_enable '0'
+
# Options for Traffic Priority
option priority_enable '0'
option priority_netdev 'lan'
# option ipaddr 'ABCD:FFED::1/64'
# option rate '1024'
#
+# For MAC address based traffic control Samples :
+#
+#config client
+# option drunit 'kbytes'
+# option urunit 'kbytes'
+# option hostname 'tvbox'
+# option macaddr '00:00:00:00:00:00'
+# option drate '300'
+# option urate '30'
#
# Traffic Priority Samples :
#
. /lib/nft-qos/monitor.sh
. /lib/nft-qos/dynamic.sh
. /lib/nft-qos/static.sh
+. /lib/nft-qos/mac.sh
. /lib/nft-qos/priority.sh
START=99
qosdef_validate_dynamic
qosdef_validate_static
qosdef_validate_priority
+ qosdef_validate_mac
procd_close_validate
}
config_load nft-qos
qosdef_init_env
+ qosdef_flush_mac
qosdef_flush_static
qosdef_flush_dynamic
qosdef_remove_priority
qosdef_init_monitor
qosdef_validate_dynamic default qosdef_init_dynamic
qosdef_validate_static default qosdef_init_static
+ qosdef_validate_mac default qosdef_init_mac
qosdef_validate_priority default qosdef_init_priority
qosdef_init_done
qosdef_start
stop_service() {
qosdef_flush_dynamic
qosdef_flush_static
+ qosdef_flush_mac
qosdef_remove_priority
qosdef_clean_cache
}
projects / feed / packages.git / commitdiff