/etc/inc/shaper.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/shaper.inc @ 7392a31f

-f78b1
+<?php
 /* $Id$ */
 /*
-            afb5973f
+	shaper.inc
 	Copyright (C) 2004 Scott Ullrich
 	Copyright (C) 2005 Bill Marquette
 	All rights reserved.
 	Redistribution and use in source and binary forms, with or without
 	modification, are permitted provided that the following conditions are met:
 . Redistributions of source code must retain the above copyright notice,
 	this list of conditions and the following disclaimer.
 . Redistributions in binary form must reproduce the above copyright
 	notice, this list of conditions and the following disclaimer in the
 	documentation and/or other materials provided with the distribution.
 	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
 	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
 	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 	POSSIBILITY OF SUCH DAMAGE.
-f78b1
+            Bill Marquette
 */
 /* include all configuration functions */
 require_once("functions.inc");
 require_once("pkg-utils.inc");
 require_once("notices.inc");
 function find_default_queue($interface) {
 	global $config, $queue_cache;
 	$qconfig = $config;
 	/* quick return if we've already seen the default queue for this interface */
 	if (isset($queue_cache['defq'][$interface]))
 	return $queue_cache['defq'][$interface];
 	if (is_array($qconfig['shaper']['queue'])) {
 		foreach ($qconfig['shaper']['queue'] as $queue) {
 			if(isset($queue['defaultqueue']) and ($queue['defaultqueue'] <> "")) {
 				/* If this is a child queue */
 				if(isset($queue['attachtoqueue'])) {
 					if(is_subqueue_used_on_interface($queue['attachtoqueue'], $interface)) {
 						$queue_cache['defq'][$interface] = $queue['name'];
 						return $queue['name'];
+					}
 				} else {
 					$queue_cache['defq'][$interface] = $queue['name'];
 					return $queue['name'];
+				}
+			}
+		}
+	}
 	/* unreachable */
 	return null;
+}
 function get_ack_queue($interface) {
 	global $config, $queue_cache;
 	/* quick return if we've already seen the ack queue for this interface */
 	if (isset($queue_cache['ackq'][$interface]))
 	return $queue_cache['ackq'][$interface];
 	$qconfig = $config;
 	if (is_array($qconfig['shaper']['queue'])) {
 		foreach ($qconfig['shaper']['queue'] as $queue) {
 			if(isset($queue['ack']))
 			if(isset($queue['attachtoqueue']))
 			if(is_subqueue_used_on_interface($queue['attachtoqueue'], $interface)) {
 				/* Add to cache */
 				$queue_cache['ackq'][$interface] = $queue['name'];
 				return $queue['name'];
+			}
+		}
+	}
 	/* unreachable */
 	return null;
+}
 function filter_generate_altq_queues($altq_ints) {
 	global $config;
 	$altq_rules = "";
 	if (is_array($config['shaper']['queue'])) {
 		foreach ($config['shaper']['queue'] as $rule) {
 			$options = "";
 			// check to make sure we're actually using this queue.
 			//if(stristr($altq_ints, $rule['name']) !== FALSE) {
 			$altq_rules .= "queue {$rule['name']} ";
 			if (isset($rule['bandwidth']) and $rule['bandwidth'] <> "")
 			$altq_rules .= "bandwidth {$rule['bandwidth']}{$rule['bandwidthtype']} ";
 			if (isset($rule['priority']) and $rule['priority'] <> "")
 			$altq_rules .= "priority {$rule['priority']} ";
 			if(isset($rule['red']) and $rule['red'] <> "")
 			$options .= " red";
 			if(isset($rule['borrow']) and $rule['borrow'] <> "")
 			$options .= " borrow";
 			if(isset($rule['ecn']) and $rule['ecn'] <> "")
 			$options .= " ecn";
 			if(isset($rule['rio']) and $rule['rio'] <> "")
 			$options .= " rio";
 			if(isset($rule['defaultqueue']) and $rule['defaultqueue'] <> "")
 			$options .= " default";
 			if(isset($rule['upperlimit']) and $rule['upperlimit'] <> "") {
 				$options .= " upperlimit({$rule['upperlimit1']} {$rule['upperlimit2']} {$rule['upperlimit3']})";
+			}
 			if(isset($rule['linkshare']) and $rule['linkshare'] <> "") {
 				$options .= " linkshare({$rule['linkshare1']} {$rule['linkshare2']} {$rule['linkshare3']})";
+			}
 			if(isset($rule['realtime']) and $rule['realtime'] <> "") {
 				$options .= " realtime({$rule['realtime1']} {$rule['realtime2']} {$rule['realtime3']})";
+			}
-bdf53c9
+			$scheduler_type = $config['shaper']['schedulertype'];
-f9a3d3b
+			$altq_rules .= "{$scheduler_type} ";
-f78b1
+			if($options)
 				$altq_rules .= "( {$options} )";
 			$fsq="";
 			foreach($config['shaper']['queue'] as $q) {
 				if($q['attachtoqueue'] == $rule['name']) {
 					if($fsq == "") {
 						$altq_rules .= "{ ";
+					}
 					else if($fsq == "1") {
 						$altq_rules .= ", ";
+					}
 					$altq_rules .= $q['name'];
 					$fsq = "1";
+				}
+			}
 			if($fsq == "1")
 			$altq_rules .= " }";
 			$altq_rules .= "\n";
 			//}
+		}
+	}
 	return $altq_rules;
+}
 /* Find a queue that's attached to this one and see if that queue is used on this interface */
 function is_subqueue_used_on_interface($queuename, $interface) {
 	global $config;
 	$qconfig = $config;
 	if (!is_array($qconfig['shaper']['queue'])) return 0;
 	foreach ($qconfig['shaper']['queue'] as $queue) {
-            b7ff5e40
+		if($queue['attachtoqueue'] == $queuename) {
 			/* recurse if we're a parent queue */
 			if ($queue['parentqueue'] == "on") {
 				return is_subqueue_used_on_interface($queue['name'], $interface);
+			}
 			/* If we're not a parent check to see if the queue is used on this interface */
 			$subqueue_interface = filter_is_queue_being_used_on_interface($queue['name'], $interface);
 			if ($subqueue_interface != ""){
 				return 1;
+			}
-f78b1
+            Bill Marquette
+	}
 	return 0;
+}
 function filter_is_queue_being_used_on_interface($queuename, $interface) {
 	global $config;
 	$lconfig = $config;
 	if(!is_array($lconfig['shaper']['rule'])) return null;
 	foreach($lconfig['shaper']['rule'] as $rule) {
 		if(($rule['inqueue'] == $queuename && $rule['interface'] == $interface))
 		return $interface;
+	}
 	return null;
+}
 function filter_setup_altq_interfaces() {
 	global $config;
 	$altq_rules  = "";
 	$queue_names = "";
 	$is_first = "";
 	if(!is_array($config['shaper']['queue'])) return null;
 	$ifdescrs = array('wan', 'lan');
 	for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) {
 		$ifdescrs[] = "opt" . $j;
+	}
 	foreach ($ifdescrs as $ifdescr => $ifname) {
 		$queue_names = "";
 		$is_first = "";
-            b7ff5e40
+		$queue_names = find_root_queue($ifname);
-f78b1
+            Bill Marquette
 		if($queue_names <> ""){
 			$altq_rules .= "altq on {$config['interfaces'][$ifname]['if']} ";
-            95904542
+			/* Default bandwidth to 10Mbit - this handles virtual interfaces (vlan) that have
 			 * no bandwidth associated with them.
 			 */
 			$bandwidth = "bandwidth 10Mb";
-bdf53c9
+			if($config['interfaces'][$ifname]['bandwidth'] <> "" and $config['interfaces'][$ifname]['bandwidthtype'] <> "" )
-f78b1
+				$bandwidth = "bandwidth {$config['interfaces'][$ifname]['bandwidth']}{$config['interfaces'][$ifname]['bandwidthtype']}";
 			$altq_rules .= "{$config['shaper']['schedulertype']} {$bandwidth} ";
 			$altq_rules .= "queue { {$queue_names} }";
+		}
 		$altq_rules .= "\n";
+	}
 	return $altq_rules;
+}
-            b7ff5e40
+/* Find the root queue for an interface */
 function find_root_queue($ifname) {
 	global $config;
 	$dbg = fopen("/tmp/debug", 'a');
 	foreach ($config['shaper']['queue'] as $queue) {
 		$rule_interface = "";
 		$q = $queue;
 		fwrite($dbg, "interface: {$ifname}\n");
 		fwrite($dbg, "queue: {$q['name']} parent: {$q['parentqueue']} attached: {$q['attachtoqueue']}\n");
 		/* if we're a parentqueue and aren't attached to another queue we're probably a root */
 		if ((isset($q['parentqueue']) && $q['parentqueue'] <> "") && (!isset($q['attachtoqueue']) || $q['attachtoqueue'] == "")) {
 			fwrite($dbg, "queue: {$q['name']} is a parent\n");
 			/* Confirm that this is a valid queue for this interface */
 			$rule_interface = is_subqueue_used_on_interface($q['name'], $ifname);
 			if ($rule_interface == 1) {
 				fwrite($dbg, "queue: {$q['name']} is a parent on {$ifname}\n");
 				$queue_names .= " ";
 				$queue_names .= $q['name'];
+			}
+		}
+	}
 	fclose($dbg);
 	return $queue_names;
+}
-f78b1
+            Bill Marquette
 function is_queue_attached_children($name) {
 	global $config;
 	if (!is_array($config['shaper']['queue'])) return 0;
 	foreach ($config['shaper']['queue'] as $queue) {
 		if($queue['attachtoqueue'] == $name) return 1;
+	}
 	return 0;
+}
 function queue_interface_recursive($queuename) {
 	global $config;
 	foreach($config['shaper']['queue'] as $queue) {
 		if($queue['attachtoqueue'] == $queuename) {
 			$status = queue_interface_recursive($queue['name']);
 			if($status <> "") return $status;
+		}
 		foreach($config['shaper']['rule'] as $rule) {
 			if($rule['inqueue'] == $queuename)
 			return $rule['interface'];
+		}
+	}
 	/* unreachable */
 	return null;
+}
 function is_subqueue($name) {
 	global $config;
 	$queues = $config['shaper']['queue']; /* must assign to keep from corrupting in memory $config */
 	if (!is_array($queues)) return 0;
 	foreach ($queues as $queue) {
 		if($queue['attachtoqueue'] == $name) return 1;
+	}
 	return 0;
+}
 function filter_altq_get_queuename($queuenum) {
 	global $config;
 	$x=0;
 	foreach($config['shaper']['queue'] as $rule) {
 		if($x == $queuenum)
 		return $rule['name'];
 		$x++;
+	}
 	/* unreachable */
 	return null;
+}
 function filter_generate_pf_altq_rules() {
 	/* I don't think we're in IPFW anymore Toto */
 	global $config, $g, $tcpflags;
 	$lancfg = $config['interfaces']['lan'];
 	$pptpdcfg = $config['pptpd'];
 	$pppoecfg = $config['pppoe'];
 	$lanif = $lancfg['if'];
 	$wanif = get_real_wan_interface();
 	$lansa = gen_subnet($lancfg['ipaddr'], $lancfg['subnet']);
 	$lansn = $lancfg['subnet'];
 	/* optional interfaces */
 	$optcfg = array();
 	generate_optcfg_array($optcfg);
 	if ($pptpdcfg['mode'] == "server") {
 		$pptpsa = $pptpdcfg['remoteip'];
 		$pptpsn = $g['pptp_subnet'];
 		if($config['pptp']['pptp_subnet'] <> "")
 		$pptpsn = $config['pptp']['pptp_subnet'];
+	}
 	if ($pppoecfg['mode'] == "server") {
 		$pppoesa = $pppoecfg['remoteip'];
 		$pppoesn = $g['pppoe_subnet'];
 		if($config['pppoe']['pppoe_subnet'] <> "")
 		$pppoesn = $config['pppoe']['pppoe_subnet'];
+	}
 	/* generate rules */
 	if (isset($config['shaper']['rule']))
 	foreach ($config['shaper']['rule'] as $rule) {
 		/* don't include disabled rules */
 		if (isset($rule['disabled'])) {
 			$i++;
 			continue;
+		}
 		switch($rule['interface']) {
 			case "pptp": /* does the rule deal with a PPTP interface? */
 				if ($pptpdcfg['mode'] != "server") {
 					if (($rule['source']['network'] == "pptp") ||
 					($rule['destination']['network'] == "pptp")) {
 						$i++;
 						continue;
+					}
+				}
 				$nif = $g['n_pptp_units'];
 				if($config['pptp']['n_pptp_units'] <> "")
 					$nif = $config['pptp']['n_pptp_units'];
 				$ispptp = true;
 				break;
 			case "pppoe": /* does the rule deal with a PPPOE interface? */
 				if ($pppoecfg['mode'] != "server") {
 					if (($rule['source']['network'] == "pppoe") ||
 					($rule['destination']['network'] == "pppoe")) {
 						$i++;
 						continue;
+					}
+				}
 				$nif = $g['n_pppoe_units'];
 				if($config['pppoe']['n_pppoe_units'] <> "")
 					$nif = $config['pppoe']['n_pppoe_units'];
 				$ispppoe = true;
 				break;
 			default:
 				if (strstr($rule['interface'], "opt")) {
 					if (!array_key_exists($rule['interface'], $optcfg)) {
 						$i++;
 						continue;
+					}
+				}
 				$nif = 1;
 				$ispptp = false;
 				$ispppoe = false;
+		}
 		if (strstr($rule['source']['network'], "opt")) {
 			if (!array_key_exists($rule['source']['network'], $optcfg)) {
 				$i++;
 				continue;
+			}
+		}
 		if (strstr($rule['destination']['network'], "opt")) {
 			if (!array_key_exists($rule['destination']['network'], $optcfg)) {
 				$i++;
 				continue;
+			}
+		}
 		/* check for unresolvable aliases */
 		if ($rule['source']['address'] && !alias_expand($rule['source']['address'])) {
 			$i++;
 			continue;
+		}
 		if ($rule['destination']['address'] && !alias_expand($rule['destination']['address'])) {
 			$i++;
 			continue;
+		}
 		for ($iif = 0; $iif < $nif; $iif++) {
 			foreach ( array('in', 'out') as $direction) {
 				$line = "pass {$direction} on ";
 				if ($ispptp) {
 					$line .= " ng" . ($iif+1);
 				} else {
 					if($ispppoe) {
 						$line .= " ng" . ($iif+1);
 					} else {
 						$if = $config['interfaces'][$rule['interface']]['if'];
+					}
 					if ($rule['interface'] == "wan") {
 						if($direction=="in") {
 							$if = $wanif;
 						} else {
 							$if = $lanif;
+						}
 					} else {
 						if($rule['interface'] == "lan") {
 							if($direction=="in") {
 								$if = $lanif;
 							} else {
 								$if = $wanif;
+							}
+						}
+					}
 					$line .= " {$if} ";
+				}
 				if (isset($rule['protocol'])) {
 					$line .= "proto {$rule['protocol']} ";
+				}
 				/* source address */
-bdf53c9
+				/* Using any for source on 'out' is due to not knowing what
 				 * the packet looks like after NAT occurs
 				 */
-f78b1
+				if (isset($rule['source']['any']) || $direction == "out") {
 					$src = "any";
 				} else if ($rule['source']['network']) {
 					if (strstr($rule['source']['network'], "opt")) {
 						$src = $optcfg[$rule['source']['network']]['sa'] . "/" .
 						$optcfg[$rule['source']['network']]['sn'];
 					} else {
 						switch ($rule['source']['network']) {
 							case 'lan':
 							$src = "$lansa/$lansn";
 							break;
 							case 'pptp':
 							$src = "$pptpsa/$pptpsn";
 							break;
 							case 'pppoe':
 							$src = "$pppoesa/$pppoesn";
 							break;
+						}
+					}
 				} else if ($rule['source']['address']) {
-bae67f6
+					$src = alias_expand($rule['source']['address']);
 					if(!$src)
 						$src = $rule['source']['address'];
-f78b1
+            Bill Marquette
 				if (!$src) {
 					printf("No source address found in rule $i\n");
 					break;
+				}
 				if (isset($rule['source']['not'])) {
 					$line .= "from ! $src ";
 				} else {
 					$line .= "from $src ";
+				}
 				if (!isset($rule['protocol']) || in_array($rule['protocol'], array("tcp","udp"))) {
 					if ($rule['source']['port']) {
 						/*
 						* Check to see if port is a alias.  If so grab it and
 						* enclose it in { } to pass to pf.
+						*
 						* Otherwise combine the portrange into one if its only
 						* one item.
 						*/
 						$src = alias_expand($rule['source']['port']);
 						if($src <> "") {
 							$line .= "port {$rule['destination']['port']}";
 						} else {
 							$srcport = explode("-", $rule['source']['port']);
 							if ((!$srcport[1]) || ($srcport[0] == $srcport[1])) {
 								$line .= "port {$srcport[0]} ";
 							} else {
 								$line .= "port {$srcport[0]}:{$srcport[1]} ";
+							}
+						}
+					}
+				}
 				/* destination address */
 				if (isset($rule['destination']['any'])) {
 					$dst = "any";
 				} else if ($rule['destination']['network']) {
 					if (strstr($rule['destination']['network'], "opt")) {
 						$dst = $optcfg[$rule['destination']['network']]['sa'] . "/" .
 						$optcfg[$rule['destination']['network']]['sn'];
 					} else {
 						switch ($rule['destination']['network']) {
 							case 'lan':
 							$dst = "$lansa/$lansn";
 							break;
 							case 'pptp':
 							$dst = "$pptpsa/$pptpsn";
 							break;
 							case 'pppoe':
 							$dst = "$pppoesa/$pppoesn";
 							break;
+						}
+					}
 				} else if ($rule['destination']['address']) {
-bae67f6
+					$dst = alias_expand($rule['destination']['address']);
 					if(!$dst)
 						$dst = $rule['destination']['address'];
-f78b1
+            Bill Marquette
 				if (!$dst) {
 					printf("No destination address found in rule $i\n");
 					break;
+				}
 				if (isset($rule['destination']['not'])) {
 					$line .= "to ! $dst ";
 				} else {
 					$line .= "to $dst ";
+				}
 				if (!isset($rule['protocol']) || in_array($rule['protocol'], array("tcp","udp"))) {
 					if ($rule['destination']['port']) {
 						$dst = alias_expand($rule['destination']['port']);
 						/*
 						* Check to see if port is a alias.  If so grab it and
 						* enclose it in { } to pass to pf.
+						*
 						* Otherwise combine the portrange into one if its only
 						* one item.
 						*/
 						if($dst <> "") {
 							$line .= "port {$rule['destination']['port']}";
 						} else {
 							$dstport = explode("-", $rule['destination']['port']);
 							if ((!$dstport[1]) || ($dstport[0] == $dstport[1])) {
 								$line .= "port {$dstport[0]} ";
 							} else {
 								$line .= "port {$dstport[0]}:{$dstport[1]} ";
+							}
+						}
+					}
+				}
 				if ($rule['iptos'])
 				$line .= "tos {$rule['iptos']} ";
 				$inflags = explode(",", $rule['tcpflags']);
 				$flags = " flags ";
 				foreach ($tcpflags as $tcpflag) {
 					if (array_search($tcpflag, $inflags) !== false) {
 						$flags .= strtoupper(substr($tcpflag, 0, 1));
+					}
+				}
 				if($flags <> " flags ")
 				$line .= "{$flags}/SAFRPU ";
 				$qtag = "{$direction}queue";
-cd71852
+				$line .= " keep state tagged unshaped tag {$rule[$qtag]} ";
-f78b1
+            Bill Marquette
 				$line .= "\n";
 				$shaperrules .= $line;
+			}
+		}
 		$i++;
+	}
 	return $shaperrules;
+}
 ?>

Project

General

Profile

pfSense