hosted services

One thing that I would really appreciate is a means of telling Firefox or your favourite browser to set the local port number of a connection to within a certain range when the URL is for a particular domain. You will see why later.

#!/bin/sh

RATE=70kbps
CEIL=75kbps
SPORT=$1

# wipe rules
tc qdisc del dev eth0 root

# default of 2 does not exist
tc qdisc add dev eth0 root handle 1:0 htb default 2
tc class add dev eth0 parent 1:0 classid 1:10 htb rate $RATE ceil $CEIL prio 0

# wipe iptables, only mangle is needed here really, but to have a clean slate
iptables --flush
iptables --delete-chain
iptables --table nat --flush
iptables --table filter --flush
iptables --table mangle --flush
iptables --table nat --delete-chain
iptables --table filter --delete-chain
iptables --table mangle --delete-chain

# find sport from netstat -n --inet/--inet6
iptables -A OUTPUT -t mangle -p tcp --sport $SPORT  -j MARK --set-mark 10

tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10

So, when using netstat you can identify the source port by watching the queue length. If the application is swamping the network then you will notice there are packets waiting to be sent.

$ netstat -an --inet
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
...
tcp        0   4136 192.168.1.10:54644      192.168.1.17:22         ESTABLISHED
...

So, in this case we would run the script as follows:

# ./throttle 54644

This script makes no effort to sanity check your input as I did not want to bore you with any of that. Should you wish to ensure that the parameter is numbers only, then:

echo "$1" | egrep '^[^0-9]$' && exit 1