abills.net.ua

freebsd 8.2 64

ipfw table all list
---table(10)---
10.10.10.0/24 10041
10.10.10.16/32 10098
---table(11)---
10.10.10.0/24 20041



в мониторинге 10,10,10,241 10,10,10,109 10,10,10,82

CLASSES_NUMS='2 3'
VERSION=5.4


name="abills_shaper"
rcvar=`set_rcvar`


: ${abills_shaper_enable="NO"}
: ${abills_shaper_if=""}
: ${abills_nas_id=""}
: ${abills_ip_sessions=""}
: ${abills_nat=""}
: ${abills_dhcp_shaper="NO"}
: ${abills_neg_deposit=""}
: ${abills_portal_ip="em0"}

load_rc_config $name
#run_rc_command "$1"

[root@sava /usr/local/etc/rc.d]# ./abills_shaper.sh start
startng_car shapperkldload: can't load ng_ether: File exists
kldload: can't load ng_car: File exists
kldload: can't load ng_ipfw: File exists
Traffic: 2
09980 skipto 10120 ip from table(12) to table(2) in recv ng_ipacct
09985 skipto 10125 ip from table(2) to table(13) out xmit ng_ipacct
10120 netgraph tablearg ip from table(12) to any in recv ng_ipacct
10125 netgraph tablearg ip from any to table(13) out xmit ng_ipacct
10220 allow ip from table(9) to table(2) in recv ng_ipacct
10225 allow ip from table(2) to table(9) out xmit ng_ipacct
Traffic: 3
09970 skipto 10130 ip from table(14) to table(3) in recv ng_ipacct
09975 skipto 10135 ip from table(3) to table(15) out xmit ng_ipacct
10130 netgraph tablearg ip from table(14) to any in recv ng_ipacct
10135 netgraph tablearg ip from any to table(15) out xmit ng_ipacct
10230 allow ip from table(9) to table(3) in recv ng_ipacct
10235 allow ip from table(3) to table(9) out xmit ng_ipacct
Global shaper
10000 netgraph tablearg ip from table(10) to any in recv ng_ipacct
10010 netgraph tablearg ip from any to table(11) out xmit ng_ipacct
10020 allow ip from table(9) to any in recv ng_ipacct
10025 allow ip from any to table(9) out xmit ng_ipacct
Session limit 5000
00400 skipto 65010 tcp from table(34) to any dst-port 80,443 via ng_ipacct
00401 skipto 65010 udp from table(34) to any dst-port 53 via ng_ipacct
00402 skipto 60010 tcp from table(34) to any via fxp0
64001 allow tcp from table(34) to any setup via ng_ipacct in limit src-addr 5000
64002 allow udp from table(34) to any via ng_ipacct in limit src-addr 5000
64003 allow icmp from table(34) to any via ng_ipacct in limit src-addr 5000



#Ipn configuration
$conf{IPN_DETAIL}=1;
$conf{IPN_DETAIL_MIN_SIZE}=1024;
$conf{IPN_STATIC_IP}=0;
#$conf{IPN_USERMENU}=1;
$conf{IPN_FILTER}="/usr/abills/misc/ipn_filter.sh";
$conf{IPN_DETAIL_CLEAN_PERIOD}=365;
#$conf{IPN_DEPOSIT_OPERATION}=1;
$conf{IPN_FW_FIRST_RULE}=20000;
$conf{IPN_FW_RULE_UID}=1;
$conf{IPN_FW_START_RULE}="/usr/local/bin/sudo /sbin/ipfw -q delete %NUM";
$conf{IPN_FW_START_RULE}="/usr/local/bin/sudo /sbin/ipfw -q add %NUM allow ip from %IP to any";
$conf{IPN_FW_START_RULE}="/usr/local/bin/sudo /sbin/ipfw -q add %NUM allow ip from any to %IP";
$conf{IPN_FW_STOP_RULE}="/usr/local/bin/sudo /sbin/ipfw -q delete %NUM";
$conf{IPN_FW_STOP_RULE}="/usr/local/bin/sudo /sbin/ipfw -q add %NUM deny ip from %IP to any";
$conf{IPN_FW_STOP_RULE}="/usr/local/bin/sudo /sbin/ipfw -q add %NUM deny ip from any to %IP";
$conf{MAIL_CHG_PASSWD}=1;
$conf{DHCPHOSTS_DEPOSITCHECK}=0;
$conf{DHCPHOSTS_CONFIG}='/usr/local/etc/dhcpd.conf';
$conf{DHCPHOSTS_RECONFIGURE}="/usr/local/bin/sudo /usr/local/etc/rc.d/isc-dhcpd";
$conf{DHCPHOSTS_LEASES}='db';
$conf{ng_car}=1;
$conf{CARDS_BRUTE_LIMIT}=5;
$conf{CARDS_BRUTE_CLEAN_PERIOD}=2;
$conf{CARDS_PAYMENT_PIN_LENGTH}=8;

$conf{mpd_filters}=1;


options><------>SC_PIXEL_MODE
options><------>SC_NORM_ATTR=(FG_GREEN|BG_BLACK)
options><------>SC_KERNEL_CONS_ATTR=(FG_RED|BG_BLACK)

options><------>IPFIREWALL
options><------>IPFIREWALL_NAT
options><------>IPFIREWALL_VERBOSE
options><------>IPFIREWALL_VERBOSE_LIMIT=1000
options><------>IPFIREWALL_FORWARD
options><------>IPDIVERT
options><------>DUMMYNET
options><------>IPFIREWALL_DEFAULT_TO_ACCEPT

options><------>DEVICE_POLLING
options><------>HZ=1000

options><------>NETGRAPH
options><------>LIBALIAS
options><------>NETGRAPH_ASYNC
options><------>NETGRAPH_BPF
options><------>NETGRAPH_BRIDGE
options><------>NETGRAPH_CAR
options><------>NETGRAPH_ECHO
options><------>NETGRAPH_ETHER
options><------>NETGRAPH_HOLE
options><------>NETGRAPH_IFACE
options><------>NETGRAPH_IPFW
options><------>NETGRAPH_KSOCKET
options><------>NETGRAPH_MPPC_ENCRYPTION
options><------>NETGRAPH_NAT
options><------>NETGRAPH_NETFLOW
options><------>NETGRAPH_ONE2MANY
options><------>NETGRAPH_PPP
options><------>NETGRAPH_PPPOE
options><------>NETGRAPH_SOCKET
options><------>NETGRAPH_SPLIT
options><------>NETGRAPH_TCPMSS
options><------>NETGRAPH_TEE
options><------>NETGRAPH_VJC

Ядро пересобрал !!

[root@sava /usr]# /usr/abills/libexec/billd checkspeed NAS_IDS=10 SHOW_SPEED=1;
evgeniy:
0 IN: 2048 OUT: 2048
stas:
0 IN: 2048 OUT: 2048
test09:
0 IN: 2048 OUT: 2048


ipfw list
00400 skipto 65010 tcp from table(34) to any dst-port 80,443 via ng_ipacct
00401 skipto 65010 udp from table(34) to any dst-port 53 via ng_ipacct
00402 skipto 60010 tcp from table(34) to any via fxp0
09970 skipto 10130 ip from table(14) to table(3) in recv ng_ipacct
09970 skipto 10130 ip from table(14) to table(3) in recv ng_ipacct
09975 skipto 10135 ip from table(3) to table(15) out xmit ng_ipacct
09975 skipto 10135 ip from table(3) to table(15) out xmit ng_ipacct
09980 skipto 10120 ip from table(12) to table(2) in recv ng_ipacct
09980 skipto 10120 ip from table(12) to table(2) in recv ng_ipacct
09985 skipto 10125 ip from table(2) to table(13) out xmit ng_ipacct
09985 skipto 10125 ip from table(2) to table(13) out xmit ng_ipacct
10000 netgraph tablearg ip from table(10) to any in recv ng_ipacct
10010 netgraph tablearg ip from any to table(11) out xmit ng_ipacct
10020 allow ip from table(9) to any in recv ng_ipacct
10020 allow ip from table(9) to any in recv ng_ipacct
10025 allow ip from any to table(9) out xmit ng_ipacct
10025 allow ip from any to table(9) out xmit ng_ipacct
10120 netgraph tablearg ip from table(12) to any in recv ng_ipacct
10125 netgraph tablearg ip from any to table(13) out xmit ng_ipacct
10130 netgraph tablearg ip from table(14) to any in recv ng_ipacct
10135 netgraph tablearg ip from any to table(15) out xmit ng_ipacct
10220 allow ip from table(9) to table(2) in recv ng_ipacct
10220 allow ip from table(9) to table(2) in recv ng_ipacct
10225 allow ip from table(2) to table(9) out xmit ng_ipacct
10225 allow ip from table(2) to table(9) out xmit ng_ipacct
10230 allow ip from table(9) to table(3) in recv ng_ipacct
10230 allow ip from table(9) to table(3) in recv ng_ipacct
10235 allow ip from table(3) to table(9) out xmit ng_ipacct
10235 allow ip from table(3) to table(9) out xmit ng_ipacct
64001 allow tcp from table(34) to any setup via ng_ipacct in limit src-addr 5000
64002 allow udp from table(34) to any via ng_ipacct in limit src-addr 5000
64003 allow icmp from table(34) to any via ng_ipacct in limit src-addr 5000
65535 allow ip from any to any


fxp0 входящая
em0 мокалка


[root@sava /usr]# ngctl list | grep test09
Name: class0_test09 Type: car ID: 00001f94 Num hooks: 2



Подскажи кто может подстажите !!!

09985 skipto 10125 ip from table(2) to table(13) out xmit ng_ipacct
10000 netgraph tablearg ip from table(10) to any in recv ng_ipacct

что за интерфейсы ng_ipacct ?

ng_ipacct - модуль под FreeBSD для учета трафика

http://www.opennet.ru/prog/info/1393.shtml


В чьом проблема ??

обновился

ipfw list
00400 skipto 65010 tcp from table(34) to any dst-port 80,443 via ng_ipacct
00401 skipto 65010 udp from table(34) to any dst-port 53 via ng_ipacct
00402 skipto 60010 tcp from table(34) to any via fxp0
05010 pipe 5010 ip from table(10,1) to any in recv ng_ipacct
05011 pipe 5011 ip from any to table(10,1) out xmit ng_ipacct
05020 allow ip from table(10,2) to any in recv ng_ipacct
05021 allow ip from any to table(10,2) out xmit ng_ipacct
05050 pipe 5050 ip from table(10,5) to any in recv ng_ipacct
05051 pipe 5051 ip from any to table(10,5) out xmit ng_ipacct
05060 pipe 5060 ip from table(10,6) to any in recv ng_ipacct
05061 pipe 5061 ip from any to table(10,6) out xmit ng_ipacct
05070 pipe 5070 ip from table(10,7) to any in recv ng_ipacct
05071 pipe 5071 ip from any to table(10,7) out xmit ng_ipacct
05080 pipe 5080 ip from table(10,8) to any in recv ng_ipacct
05081 pipe 5081 ip from any to table(10,8) out xmit ng_ipacct
05090 pipe 5090 ip from table(10,9) to any in recv ng_ipacct
05091 pipe 5091 ip from any to table(10,9) out xmit ng_ipacct
05100 pipe 5100 ip from table(10,10) to any in recv ng_ipacct
05101 pipe 5101 ip from any to table(10,10) out xmit ng_ipacct
05110 pipe 5110 ip from table(10,11) to any in recv ng_ipacct
05111 pipe 5111 ip from any to table(10,11) out xmit ng_ipacct
05120 pipe 5120 ip from table(10,12) to any in recv ng_ipacct
05121 pipe 5121 ip from any to table(10,12) out xmit ng_ipacct
10001 pipe 10001 ip from any to table(10,1128) out xmit ng_ipacct
10002 pipe 10002 ip from table(10,11536) to any in recv ng_ipacct
10003 pipe 10003 ip from any to table(10,11536) out xmit ng_ipacct
64001 allow tcp from table(34) to any setup via ng_ipacct in limit src-addr 5000
64002 allow udp from table(34) to any via ng_ipacct in limit src-addr 5000
64003 allow icmp from table(34) to any via ng_ipacct in limit src-addr 5000
64103 check-state
65535 allow ip from any to any

ipfw table all list
---table(1)---
0.0.0.0/0 0
---table(10)---
10.10.10.0/24 10052
10.10.10.51/32 6
10.10.10.243/32 10098
---table(11)---
10.10.10.0/24 20052
10.10.10.243/32 20098

Скорость дальше больше чем надо

/usr/abills/libexec/billd checkspeed NAS_IDS=10 SHOW_SPEED=1;
5poiwo:
0 IN: 2048 OUT: 2048
AL:
0 IN: 4096 OUT: 4096
bogdan:
0 IN: 4096 OUT: 4096


долно бить 2048 есть окло 7

я ж написал выше у Вас вместо интерфейса почемуто какая то програмапрописана

А ответ очень простой

в скрипте на писано ng* и програма правильно зделал взяла любой первий попавшийся файл ng*

и под руку попался даний модуль ng_ipacct

/usr/local/etc/rc.d/удалить постороние файли ))) ng* ))))))))