/* $Id$ */ /* traffic_shaper_wizard.xml part of pfSense (http://www.pfsense.org/) Copyright (C) 2005 Bill Marquette - bill.marquette@gmail.com. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ 7 1 true This wizard will guide you through setting up the pfSense traffic shaper. Next submit Going any further will wipe your existing shaper config! /* wipe previous */ unset($config['shaper']['queue']); unset($config['shaper']['rule']); $config['shaper']['enable'] = FALSE; 2 WAN connection speed Download The download speed of your WAN link in Kbits/second. input ^[0-9]*$ Download speed must be numerical Upload The upload speed of your WAN link in Kbits/second. input ^[0-9]*$ Upload speed must be numerical Next submit /* XXX we need to bail and force the user to redo this step if the WAN speeds are 0 */ /* Magic shaper uses HFSC */ $config['system']['schedulertype'] = "hfsc"; /* Create queues */ /* WAN queues */ $queue = array(); $queue['name'] = "qWANRoot"; $queue['associatedrule'] = 0; $queue['priority'] = 6; $queue['parentqueue'] = "on"; $queue['bandwidth'] = (int)$_POST['upload']; $queue['bandwidthtype'] = "Kb"; $config['shaper']['queue'][] = $queue; $queue = array(); $queue['name'] = "qWANdef"; $queue['attachtoqueue'] = "qWANRoot"; $queue['associatedrule'] = 0; $queue['defaultqueue'] = 'true'; $queue['priority'] = 3; $queue['realtime'] = "on"; $queue['realtime1'] = "10%"; $queue['realtime2'] = "1"; $queue['realtime3'] = "10%"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = "90%"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = "90%"; $queue['linkshare'] = "on"; $queue['linkshare1'] = "1%"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = "1%"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $config['shaper']['queue'][] = $queue; /* LAN queue */ $queue = array(); $queue['name'] = "qLANRoot"; $queue['associatedrule'] = 0; $queue['priority'] = 6; $queue['parentqueue'] = "on"; $queue['bandwidth'] = (int)$_POST['download']; $queue['bandwidthtype'] = "Kb"; $config['shaper']['queue'][] = $queue; $queue = array(); $queue['name'] = "qLANdef"; $queue['priority'] = 3; $queue['attachtoqueue'] = "qLANRoot"; $queue['associatedrule'] = 0; $queue['defaultqueue'] = 'true'; $queue['realtime'] = "on"; $queue['realtime1'] = "10%"; $queue['realtime2'] = "1"; $queue['realtime3'] = "10%"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = "90%"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = "90%"; $queue['linkshare'] = "on"; $queue['linkshare1'] = "1%"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = "1%"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $config['shaper']['queue'][] = $queue; $queue = array(); $queue['name'] = "qLANacks"; $queue['ack'] = TRUE; $queue['attachtoqueue'] = "qLANRoot"; $queue['associatedrule'] = 0; $queue['priority'] = 7; $queue['realtime'] = "on"; $queue['realtime1'] = "10%"; $queue['realtime2'] = "1"; $queue['realtime3'] = "10%"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = "90%"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = "90%"; $queue['linkshare'] = "on"; $queue['linkshare1'] = "1%"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = "1%"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $config['shaper']['queue'][] = $queue; $queue = array(); $queue['name'] = "qWANacks"; $queue['ack'] = TRUE; $queue['attachtoqueue'] = "qWANRoot"; $queue['associatedrule'] = 0; $queue['priority'] = 7; $queue['realtime'] = "on"; $queue['realtime1'] = "10%"; $queue['realtime2'] = "1"; $queue['realtime3'] = "10%"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = "90%"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = "90%"; $queue['linkshare'] = "on"; $queue['linkshare1'] = "1%"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = "1%"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $config['shaper']['queue'][] = $queue; /* XXX create default rules here */ 3 Voice over IP Enable checkbox Prioritize Voice over IP traffic This will raise the priority of VOIP traffic above all other traffic. Provider select Choose Generic if your provider isn't listed. Generic (lowdelay) Generic VoicePulse VoicePulse Vonage Vonage Asterisk Asterisk Bandwidth select Total bandwidth guarantee for VOIP phone(s) 128 12000Kbits/sec 12000 11000Kbits/sec 11000 10000Kbits/sec 10000 9000Kbits/sec 9000 8000Kbits/sec 8000 7000Kbits/sec 7000 6000Kbits/sec 6000 5000Kbits/sec 5000 4000Kbits/sec 4000 3000Kbits/sec 3000 1500Kbits/sec 1500 1024Kbits/sec 1024 768Kbits/sec 768 512Kbits/sec 512 384Kbits/sec 384 256Kbits/sec 256 128Kbits/sec 128 96Kbits/sec 96 64Kbits/sec 64 32Kbits/sec 32 Next submit if ( $_POST['enable'] ) { /* create qVOIPUp */ $queue = array(); $queue['name'] = "qVOIPUp"; $queue['associatedrule'] = 0; $queue['priority'] = 7; $queue['ecn'] = "on"; $queue['realtime'] = "on"; $queue['realtime1'] = $_POST['bandwidth'] . "Kb"; $queue['realtime2'] = "1"; $queue['realtime3'] = $_POST['bandwidth'] . "Kb"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = $_POST['bandwidth'] . "Kb"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = $_POST['bandwidth'] . "Kb"; $queue['linkshare'] = "on"; $queue['linkshare1'] = $_POST['bandwidth'] . "Kb"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = $_POST['bandwidth'] . "Kb"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $queue['attachtoqueue'] = "qWANRoot"; $config['shaper']['queue'][] = $queue; /* create qVOIPDown */ $queue = array(); $queue['name'] = "qVOIPDown"; $queue['associatedrule'] = 0; $queue['priority'] = 7; $queue['ecn'] = "on"; $queue['realtime'] = "on"; $queue['realtime1'] = $_POST['bandwidth'] . "Kb"; $queue['realtime2'] = "1"; $queue['realtime3'] = $_POST['bandwidth'] . "Kb"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = $_POST['bandwidth'] . "Kb"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = $_POST['bandwidth'] . "Kb"; $queue['linkshare'] = "on"; $queue['linkshare1'] = $_POST['bandwidth'] . "Kb"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = $_POST['bandwidth'] . "Kb"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $queue['attachtoqueue'] = "qLANRoot"; $config['shaper']['queue'][] = $queue; if( $_POST['provider'] == "Generic") { /* create VOIP rules */ $rule = array(); $rule['descr'] = "DiffServ/Lowdelay/Upload"; $rule['inqueue'] = "qVOIPDown"; $rule['outqueue'] = "qVOIPUp"; $rule['interface'] = "lan"; $rule['source']['network'] = 'lan'; $rule['destination']['any'] = TRUE; $rule['iptos'] = "lowdelay"; $config['shaper']['rule'][] = $rule; $rule = array(); $rule['descr'] = "DiffServ/Lowdelay/Download"; $rule['inqueue'] = "qVOIPUp"; $rule['outqueue'] = "qVOIPDown"; $rule['interface'] = "wan"; $rule['source']['any'] = TRUE; $rule['destination']['network'] = 'lan'; $rule['iptos'] = "lowdelay"; $config['shaper']['rule'][] = $rule; } else { $voiplist = array(); /* setup vonage rule */ if( $_POST['provider'] == "Vonage") $voiplist[] = array('Vonage','udp','5060','5069','both'); /* asterisk server / same as vonage somewhat */ if( $_POST['provider'] == "Asterisk") { $voiplist[] = array('Asterisk','udp','5060','5069','both'); $voiplist[] = array('Asterisk','udp','10000','17226','both'); } /* VoicePulse server */ if( $_POST['provider'] == "VoicePulse") { $voiplist[] = array('VoicePulse','udp','16384','16482','both'); $voiplist[] = array('VoicePulse','udp','4569','4569','both'); } /* Set up/down games as higher weight */ /* loop through voiplist[] */ foreach ($voiplist as $voip) { foreach (array('source','destination') as $srcdest) { $rule = array(); if ($srcdest == 'source') { $destsrc = 'destination'; $rule['outqueue'] = 'qVOIPUp'; $rule['inqueue'] = 'qVOIPDown'; $rule['interface'] = 'lan'; $rule['source']['network'] = 'lan'; $rule['destination']['any'] = TRUE; $rule['descr'] = "m_voip {$voip[0]} outbound"; } else { $destsrc = 'source'; $rule['outqueue'] = 'qVOIPDown'; $rule['inqueue'] = 'qVOIPUp'; $rule['interface'] = 'wan'; $rule['source']['any'] = TRUE; $rule['destination']['network'] = 'lan'; $rule['descr'] = "m_voip {$voip[0]} inbound"; } $rule['destination']['port'] = $voip[2]."-".$voip[3]; if($voip[1] != '') $rule['protocol'] = $voip[1]; $config['shaper']['rule'][] = $rule; } } } } 4 Peer to Peer networking true true Enable checkbox Prioritize Peer-to-Peer traffic This will lower the priority of P2P traffic below all other traffic. Aimster,BitTorrent,BuddyShare,CuteMX,DCplusplus,dcc,DirectConnect,DirectFileExpress,EDonkey2000,FastTrack,Gnutella,grouper,hotComm,HotlineConnect,iMesh,Napster,OpenNap,Scour,SongSpy,WinMX Next submit Enable/Disable specific P2P protocols listtopic Aimster checkbox Aimster and other P2P using the Aimster protocol and ports BitTorrent checkbox Bittorrent and other P2P using the Torrent protocol and ports BuddyShare checkbox BuddyShare and other P2P using the BuddyShare protocol and ports CuteMX checkbox CuteMX and other P2P using the CuteMX protocol and ports DCplusplus checkbox DC++ and other P2P using the DC++ protocol and ports DCC checkbox irc DCC file transfers DirectConnect checkbox DirectConnect and other P2P using the DirectConnect protocol and ports DirectFileExpress checkbox DirectFileExpress and other P2P using the DirectFileExpress protocol and ports eDonkey2000 checkbox eDonkey and other P2P using the eDonkey protocol and ports FastTrack checkbox FastTrack and other P2P using the FastTrack protocol and ports Gnutella checkbox Gnutella and other P2P using the Gnutella protocol and ports grouper checkbox grouper and other P2P using the grouper protocol and ports hotComm checkbox hotComm and other P2P using the hotComm protocol and ports HotlineConnect checkbox HotlineConnect and other P2P using the HotlineConnect protocol and ports iMesh checkbox iMest and other P2P using the iMest protocol and ports Napster checkbox Napster and other P2P using the Napster protocol and ports OpenNap checkbox OpenNap and other P2P using the OpenNap protocol and ports Scour checkbox Scour and other P2P using the Scour protocol and ports SongSpy checkbox SongSpy and other P2P using the SongSpy protocol and ports WinMX checkbox WinMX and other P2P using the WinMX protocol and ports Next submit /* XXX - billm - needs to actually honor what the user selects still */ if ( $_POST['enable'] ) { $p2plist = array(); /* To add p2p clients, push Descr,Protocol,Start,End,src/dest/both onto p2plist */ if($_POST['aimster'] != "") $p2plist[] = array('Aimster','tcp','7668','7668','both'); if($_POST['bittorrent'] != "") $p2plist[] = array('BitTorrent','tcp','6881','6999','both'); if($_POST['buddyshare'] != "") $p2plist[] = array('BuddyShare','tcp','7788','7788','both'); if($_POST['cutemx'] != "") $p2plist[] = array('CuteMX','tcp','2340','2340','both'); if($_POST['dc++'] != "") $p2plist[] = array('DC++','tcp','1412','1412','both'); if($_POST['dcc'] != "") $p2plist[] = array('dcc','tcp','6666','6668','both'); if($_POST['directconnect'] != "") $p2plist[] = array('DirectConnect','tcp','412','412','both'); if($_POST['directfileexpress'] != "") $p2plist[] = array('DirectFileExpress','tcp','1044','1045','both'); if($_POST['edonkey2000'] != "") $p2plist[] = array('EDonkey2000','tcp','4661','4665','both'); if($_POST['fastTrack'] != "") $p2plist[] = array('FastTrack','tcp','1214','1214','both'); if($_POST['gnutella'] != "") $p2plist[] = array('Gnutella','tcp','6346','6346','both'); if($_POST['grouper'] != "") $p2plist[] = array('grouper','tcp','8038','8039','both'); if($_POST['hotcomm'] != "") $p2plist[] = array('hotComm','tcp','28864','28865','both'); if($_POST['hotlineconnect'] != "") $p2plist[] = array('HotlineConnect','tcp','5500','5503','both'); if($_POST['imesh'] != "") $p2plist[] = array('iMesh','tcp','4329','4329','both'); if($_POST['napster'] != "") $p2plist[] = array('Napster','tcp','6699','6701','both'); if($_POST['opennap'] != "") $p2plist[] = array('OpenNap','tcp','8888','8889','both'); if($_POST['scour'] != "") $p2plist[] = array('Scour','tcp','8311','8311','both'); if($_POST['songspy'] != "") $p2plist[] = array('SongSpy','tcp','5190','5190','both'); if($_POST['winmx'] != "") $p2plist[] = array('WinMX','tcp','6699','6699','both'); /* Set up/down p2p as lowest weight */ /* loop through p2plist[] */ foreach ($p2plist as $p2pclient) { foreach (array('source','destination') as $srcdest) { $rule = array(); if ($srcdest == 'source') { $destsrc = 'destination'; $rule['outqueue'] = 'qP2PUp'; $rule['inqueue'] = 'qP2PDown'; $rule['interface'] = 'lan'; $rule['source']['network'] = 'lan'; $rule['destination']['any'] = TRUE; $rule['descr'] = "m_P2P {$p2pclient[0]} outbound"; } else { $destsrc = 'source'; $rule['outqueue'] = 'qP2PDown'; $rule['inqueue'] = 'qP2PUp'; $rule['interface'] = 'wan'; $rule['source']['any'] = TRUE; $rule['destination']['network'] = 'lan'; $rule['descr'] = "m_P2P {$p2pclient[0]} inbound"; } $rule['destination']['port'] = $p2pclient[2]."-".$p2pclient[3]; if($p2pclient[1] != '') $rule['protocol'] = $p2pclient[1]; $config['shaper']['rule'][] = $rule; } } /* create qP2PUp */ $queue = array(); $queue['name'] = "qP2PUp"; $queue['associatedrule'] = 0; $queue['priority'] = 0; $queue['red'] = "on"; $queue['ecn'] = "on"; $queue['realtime'] = "on"; $queue['realtime1'] = "1Kb"; $queue['realtime2'] = "1"; $queue['realtime3'] = "1Kb"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = "90%"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = "90%"; $queue['linkshare'] = "on"; $queue['linkshare1'] = "0%"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = "0%"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $queue['attachtoqueue'] = "qWANRoot"; $config['shaper']['queue'][] = $queue; /* create qP2PDown */ $queue = array(); $queue['name'] = "qP2PDown"; $queue['associatedrule'] = 0; $queue['priority'] = 1; $queue['red'] = "on"; $queue['ecn'] = "on"; $queue['realtime'] = "on"; $queue['realtime1'] = "1Kb"; $queue['realtime2'] = "1"; $queue['realtime3'] = "1Kb"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = "90%"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = "90%"; $queue['linkshare'] = "on"; $queue['linkshare1'] = "1%"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = "1%"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $queue['attachtoqueue'] = "qLANRoot"; $config['shaper']['queue'][] = $queue; } 5 true Network Games Enable checkbox Prioritize network gaming traffic This will raise the priority of gaming traffic to higher than most traffic. Counterstrike,DeltaForce,QuakeIII,TigerWoods2004PS2,CallOfDuty,PlanetSide true Enable/Disable specific P2P protocols listtopic Counterstrike checkbox Counterstrike. The ultimate 1st person shooter. DeltaForce checkbox Delta Force QuakeIII checkbox Quake III TigerWoods2004PS2 checkbox Tiger Woods 2004 for PS2 CallOfDuty checkbox Call Of Duty (United Offensive) PlanetSide checkbox PlanetSide Next submit /* XXX - billm - needs to actually honor what the user selects still */ if ( $_POST['enable'] ) { /* create qGamesUp queue */ $queue = array(); $queue['name'] = "qGamesUp"; $queue['associatedrule'] = 0; $queue['priority'] = 5; $queue['red'] = "on"; $queue['ecn'] = "on"; $queue['realtime'] = "on"; $queue['realtime1'] = "1Kb"; $queue['realtime2'] = "1"; $queue['realtime3'] = "1Kb"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = "90%"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = "90%"; $queue['linkshare'] = "on"; $queue['linkshare1'] = "1%"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = "1%"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $queue['attachtoqueue'] = "qWANRoot"; $config['shaper']['queue'][] = $queue; /* create qGamesDown queue */ $queue = array(); $queue['name'] = "qGamesDown"; $queue['associatedrule'] = 0; $queue['priority'] = 5; $queue['red'] = "on"; $queue['ecn'] = "on"; $queue['realtime'] = "on"; $queue['realtime1'] = "1Kb"; $queue['realtime2'] = "1"; $queue['realtime3'] = "1Kb"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = "90%"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = "90%"; $queue['linkshare'] = "on"; $queue['linkshare1'] = "1%"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = "1%"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $queue['attachtoqueue'] = "qLANRoot"; $config['shaper']['queue'][] = $queue; $gamesplist = array(); if($_POST['counterstrike'] != "") { /* counter strike */ $gamesplist[] = array('Titan','udp','6003','6003','both'); $gamesplist[] = array('Authentication','udp','7002','7002','both'); $gamesplist[] = array('Client','udp','6003','6003','both'); $gamesplist[] = array('Masterserver','udp','27010','27010','both'); $gamesplist[] = array('Mod-Server','udp','27011','27011','both'); $gamesplist[] = array('Chat','udp','27012','27012','both'); $gamesplist[] = array('HL-Serverport ','udp','27015','27015','both'); } if($_POST['deltaforce'] != "") { /* delta force */ $gamesplist[] = array('Delta1','udp','17478','17488','both'); } if($_POST['quakeiii'] != "") { /* quake3 */ $gamesplist[] = array('Delta1','udp','27910','27919','both'); } if($_POST['tigerwoods2004ps2'] != "") { /* tiger woods 2004 ps2 */ $gamesplist[] = array('Outbound2Player','udp','3658','3658','both'); $gamesplist[] = array('Outbound2Player2','udp','6000','6000','both'); $gamesplist[] = array('Outbound2EA','tcp','10300','10301','both'); } if($_POST['callofduty'] != "") { /* Call of Duty (United Offensive) */ $gamesplist[] = array('CallOfDuty1','tcp','28960','28960','both'); $gamesplist[] = array('CallOfDuty2','udp','28960','28960','both'); } if($_POST['planetside'] != "") { /* PlanetSide */ $gamesplist[] = array('PlanetSide','tcp','7000','7000','both'); $gamesplist[] = array('PlanetSide','tcp','7080','7080','both'); $gamesplist[] = array('PlanetSide2','udp','3016','3021','both'); $gamesplist[] = array('PlanetSide2','udp','45000','45010','both'); $gamesplist[] = array('PlanetSide2','udp','30000','30500','both'); } /* XXX: add some more games before this line!! */ /* Set up/down games as higher weight */ /* loop through p2plist[] */ foreach ($gamesplist as $Gameclient) { foreach (array('source','destination') as $srcdest) { $rule = array(); if ($srcdest == 'source') { $destsrc = 'destination'; $rule['outqueue'] = 'qGamesUp'; $rule['inqueue'] = 'qGamesDown'; $rule['interface'] = 'lan'; $rule['source']['network'] = 'lan'; $rule['destination']['any'] = TRUE; $rule['descr'] = "m_Game {$Gameclient[0]} outbound"; } else { $destsrc = 'source'; $rule['outqueue'] = 'qGamesDown'; $rule['inqueue'] = 'qGamesUp'; $rule['interface'] = 'wan'; $rule['source']['any'] = TRUE; $rule['destination']['network'] = 'lan'; $rule['descr'] = "m_Game {$Gameclient[0]} inbound"; } $rule['destination']['port'] = $Gameclient[2]."-".$Gameclient[3]; if($Gameclient[1] != '') $rule['protocol'] = $Gameclient[1]; $config['shaper']['rule'][] = $rule; } } } 6 true Other Application Enable checkbox Other networking protocols This will help raise the priority of other protocols higher than most traffic. MSRDP,PPTP,IPSEC,StreamingMP3,irc,dns true Enable/Disable other protocols listtopic MSRDP checkbox Microsoft Remote Desktop Protocol PPTP checkbox Microsoft Point to Point tunneling protocol IPSEC checkbox IPSEC VPN traffic StreamingMP3 checkbox Streaming Media IRC checkbox Internet Relay Chat DNS checkbox Domain Name Services Next submit if ( $_POST['enable'] ) { /* create qOthersUp queue */ $queue = array(); $queue['name'] = "qOthersUp"; $queue['associatedrule'] = 0; $queue['priority'] = 4; $queue['red'] = "on"; $queue['ecn'] = "on"; $queue['realtime'] = "on"; $queue['realtime1'] = "1Kb"; $queue['realtime2'] = "1"; $queue['realtime3'] = "1Kb"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = "90%"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = "90%"; $queue['linkshare'] = "on"; $queue['linkshare1'] = "1%"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = "1%"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $queue['attachtoqueue'] = "qWANRoot"; $config['shaper']['queue'][] = $queue; /* create qOthersDown queue */ $queue = array(); $queue['name'] = "qOthersDown"; $queue['associatedrule'] = 0; $queue['priority'] = 4; $queue['red'] = "on"; $queue['ecn'] = "on"; $queue['realtime'] = "on"; $queue['realtime1'] = "1Kb"; $queue['realtime2'] = "1"; $queue['realtime3'] = "1Kb"; $queue['upperlimit'] = "on"; $queue['upperlimit1'] = "90%"; $queue['upperlimit2'] = "1"; $queue['upperlimit3'] = "90%"; $queue['linkshare'] = "on"; $queue['linkshare1'] = "1%"; $queue['linkshare2'] = "1"; $queue['linkshare3'] = "1%"; $queue['bandwidth'] = "0"; $queue['bandwidthtype'] = "Kb"; $queue['attachtoqueue'] = "qLANRoot"; $config['shaper']['queue'][] = $queue; $othersplist = array(); if($_POST['msrdp'] != "") { /* MSRDP */ $othersplist[] = array('MSRDP','tcp','3389','3389','both'); } if($_POST['pptp'] != "") { /* PPTP */ $othersplist[] = array('PPTP','tcp','1723','1723','both'); $othersplist[] = array('PPTPGRE','gre','','','both'); } if($_POST['ipsec'] != "") { /* IPSEC */ $othersplist[] = array('IPSEC','udp','500','500','both'); $othersplist[] = array('IPSEC','ah','','','both'); $othersplist[] = array('IPSEC','esp','','','both'); } if($_POST['streamingmp3'] != "") { /* streaming mp3 media aka shoutcast */ $othersplist[] = array('STREAMINGMP3','tcp','8000','8010','both'); } if($_POST['irc'] != "") { /* internet relay chat */ $othersplist[] = array('IRC','tcp','6667','6670','both'); } if($_POST['dns'] != "") { /* domain name system */ $othersplist[] = array('DNS1','tcp','53','53','both'); $othersplist[] = array('DNS2','udp','53','53','both'); } /* XXX: add some more protocols here! */ /* Set up/down protocols as higher weight */ /* loop through othersplist[] */ foreach ($othersplist as $otherclient) { foreach (array('source','destination') as $srcdest) { $rule = array(); if ($srcdest == 'source') { $destsrc = 'destination'; $rule['outqueue'] = 'qOthersUp'; $rule['inqueue'] = 'qOthersDown'; $rule['interface'] = 'lan'; $rule['source']['network'] = 'lan'; $rule['destination']['any'] = TRUE; $rule['descr'] = "m_Other {$otherclient[0]} outbound"; } else { $destsrc = 'source'; $rule['outqueue'] = 'qOthersDown'; $rule['inqueue'] = 'qOthersUp'; $rule['interface'] = 'wan'; $rule['source']['any'] = TRUE; $rule['destination']['network'] = 'lan'; $rule['descr'] = "m_Other {$otherclient[0]} inbound"; } $rule['destination']['port'] = $otherclient[2]."-".$otherclient[3]; if($otherclient[1] != '') $rule['protocol'] = $otherclient[1]; $config['shaper']['rule'][] = $rule; } } } 7 After pressing Finish the system will load the new profile. Finish submit $config['shaper']['enable'] = TRUE; filter_configure(); header("Location: /");