#!/bin/bash

#set -vx

tc qdisc del dev eth0 root 
tc qdisc del dev eth2 root 


# OUT ETH0
# default is NOT rate-limited
tc qdisc add dev eth0 root handle 1: htb default 10

tc class add dev eth0 parent 1: classid 1:1 htb rate 400kbit
# priv traffic gets 380kb
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 380kbit ceil 400kbit prio 0
# unpriv traffic gets 20kb but can rise to 100kb if not in use
tc class add dev eth0 parent 1:1 classid 1:20 htb rate 20kbit ceil 100kbit prio 1

# The author then recommends SFQ for beneath these classes:
tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10

# traffic with iptables-mangle mark 7 set (ie, wireless traffic) is unpriv
tc filter add dev eth0 protocol ip parent 1:0 handle 7 fw flowid 1:20



# OUT ETH2
# Functionally almost identical to the CBQ sample configuration above:
tc qdisc add dev eth2 root handle 1: htb default 20

tc class add dev eth2 parent 1: classid 1:1 htb rate 100mbit
# priv traffic gets 9.5 mbit, at least
tc class add dev eth2 parent 1:1 classid 1:10 htb rate 99800kbit ceil 10mbit prio 0
# unpriv traffic gets 200 kbit but can rise to 1mbit if it's available
tc class add dev eth2 parent 1:1 classid 1:20 htb rate 200kbit ceil 500kbit prio 1

# The author then recommends SFQ for beneath these classes:
tc qdisc add dev eth2 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev eth2 parent 1:20 handle 20: sfq perturb 10

# OpenVPN traffic is priv
U32="tc filter add dev eth2 protocol ip parent 1:0 u32"
$U32 match ip sport 1194 0xffff flowid 1:10