#!/bin/sh

PATH=/sbin:/usr/sbin:/usr/local/sbin:$PATH

DEV=eth1

tcf () {
    tc "$@" || exit 1
}

tc qdisc del dev $DEV root    2> /dev/null > /dev/null
tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null

if [ $# != 0 ]; then exit 1; fi

tcf qdisc add dev $DEV root handle 100: prio bands 6 priomap 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 
#tcf qdisc add dev $DEV root handle 100: prio bands 5 priomap 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 
#tcf qdisc add dev $DEV root handle 100: prio bands 4 priomap 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 
#tcf qdisc add dev $DEV root handle 100: prio bands 3 priomap 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 

tcf qdisc add dev $DEV parent 100:1 handle 110: bfifo limit 1000
tcf qdisc add dev $DEV parent 100:2 handle 120: sfq perturb 10
tcf qdisc add dev $DEV parent 100:3 handle 130: sfq perturb 10
tcf qdisc add dev $DEV parent 100:4 handle 140: pfifo
tcf qdisc add dev $DEV parent 100:5 handle 150: sfq perturb 10
tcf qdisc add dev $DEV parent 100:6 handle 160: pfifo

# filters
# 110 is for ut
# 120 for tcp acks & icmp
# 130 is for ssh & telnet
# 140 for other udp traffic
# 150 is default
# 160 for nfs & fragmented ip packets

icmp_match="match ip protocol 1 0xff"
tcp_match="match ip protocol 6 0xff"
udp_match="match ip protocol 17 0xff"

# ff == first fragment == fragment offset=0
ipff_match="match u16 0 0x1fff at 6"
icmpff_match="$icmp_match $ipff_match"
tcpff_match="$tcp_match $ipff_match"
udpff_match="$udp_match $ipff_match"

ssh_smatch="   $tcpff_match match ip sport   22 0xffff"
ssh_dmatch="   $tcpff_match match ip dport   22 0xffff"

ssh23_smatch=" $tcpff_match match ip sport   23 0xffff"
ssh23_dmatch=" $tcpff_match match ip dport   23 0xffff"

nfs_smatch="   $udpff_match match ip sport 2049 0xffff"
nfs_dmatch="   $udpff_match match ip dport 2049 0xffff"

#www_smatch="   $tcpff_match match ip sport   80 0xffff"

ut_smatch="    $udpff_match match ip sport 7777 0xff00"
ut_dmatch="    $udpff_match match ip dport 7777 0xfc00"

ihl20_match="  match u8 0x05 0x0f at 0"
lt64_match="   match u16 0x0000 0xffc0 at 2"
tcpackbit_match="match u8 0x10 0xff at 33"
tcpack_match=" $tcpff_match $ihl20_match $lt64_match $tcpackbit_match"

any_match="    match u8 0 0 at 0"

tcf filter add dev $DEV parent 100: protocol ip prio 110 u32 $ut_dmatch     flowid 100:1
tcf filter add dev $DEV parent 100: protocol ip prio 110 u32 $ut_smatch     flowid 100:1

tcf filter add dev $DEV parent 100: protocol ip prio 120 u32 $icmp_match    flowid 100:2
tcf filter add dev $DEV parent 100: protocol ip prio 120 u32 $tcpack_match  flowid 100:2

tcf filter add dev $DEV parent 100: protocol ip prio 130 u32 $ssh_smatch    flowid 100:3
tcf filter add dev $DEV parent 100: protocol ip prio 130 u32 $ssh_dmatch    flowid 100:3
tcf filter add dev $DEV parent 100: protocol ip prio 130 u32 $ssh23_smatch  flowid 100:3
tcf filter add dev $DEV parent 100: protocol ip prio 130 u32 $ssh23_dmatch  flowid 100:3

tcf filter add dev $DEV parent 100: protocol ip prio 135 u32 $nfs_smatch    flowid 100:6
tcf filter add dev $DEV parent 100: protocol ip prio 135 u32 $nfs_dmatch    flowid 100:6

tcf filter add dev $DEV parent 100: protocol ip prio 140 u32 $udpff_match   flowid 100:4

tcf filter add dev $DEV parent 100: protocol ip prio 150 u32 $ipff_match    flowid 100:5

tcf filter add dev $DEV parent 100: protocol ip prio 155 u32 $any_match     flowid 100:6