config global global option mtu "1500" # the maximum allowed packet size (in bytes) on the interface being shaped option network "wan" # the name of the network whose interface should have its outgoing traffic shaped #option interface "eth1" # the name of the network interface which should have its outgoing traffic shaped config upload upload option total_bandwidth "600" # 600kbit/s option default_class "uclass_2" # default traffic class, must be a section of type upload_class config download download option total_bandwidth "4000" # 4000kbit/s (500Kbyte/s) option default_class "dclass_1" # default traffic class, must be a section of type download_class #upload classes config upload_class uclass_1 option percent_bandwidth "40" # percent of total bandwidth to use config upload_class uclass_2 option percent_bandwidth "20" # percent of total bandwidth to use option max_bandwidth "30" # max bandwidth useage in absolute speed (kbit/s) config upload_class uclass_3 option percent_bandwidth "30" # percent of total bandwidth to use option min_bandwidth "160" # min bandwidth to allocate to this class config upload_class uclass_4 option percent_bandwidth "10" # percent of total bandwidth to use #download classes config download_class dclass_1 option percent_bandwidth "30" # percent of total bandwidth to use option min_bandwidth "80" # min bandwidth to allocate to this class config download_class dclass_2 option percent_bandwidth "60" # percent of total bandwidth to use config download_class dclass_3 option percent_bandwidth "10" # percent of total bandwidth to use option min_bandwidth "80" # min bandwidth to allocate to this class # classification rules # # POSSIBLE OPTIONS: # class name of bandwidth class to use if rule matches, this is required in each rule section # test_order an integer that specifies the order in which the rule should be checked for a match (lower numbers are checked first) # proto check that packet has this protocol (tcp, udp, both), if port is specified default is both # source check that packet has this source ip, can optionally have /[mask] after it (see -s option in iptables man page) # destination check that packet has this destination ip, can optionally have /[mask] after it (see -d option in iptables man page) # dport check that packet has this destination port # sport check that packet has this source port # min_pkt_size check that packet is at least this size (in bytes) # max_pkt_size check that packet is no larger than this size (in bytes) # layer7 check whether packet matches layer7 specification # ipp2p check wither packet matches ipp2p specification (used to recognize p2p protocols) # "ipp2p" or "all" will match any of the specified p2p protocols, you can # also specifically match any protocol listed in the documentation here: # http://ipp2p.org/docu_en.html # # sytnax for upload rules and download rules is identical config upload_rule option class "uclass_4" option test_order "1" option destination "195.56.146.238" config upload_rule option class "uclass_3" option test_order "2" option proto "both" option dstport "80-90" config upload_rule option class "uclass_1" option test_order "3" option dstport "22" config upload_rule option class "uclass_3" option test_order "44" option proto "udp" option max_pkt_size "250" config upload_rule option class "uclass_3" option test_order "5" option proto "udp" option max_pkt_size "250" config upload_rule option class "uclass_4" option test_order "6" option ipp2p "all" config upload_rule option class "uclass_3" option test_order "7" option layer7 "pop3" #download rules config download_rule option class "dclass_2" option test_order "1" option dstport "80-90" config download_rule option class "dclass_3" option test_order "2" option ipp2p "all"