# # Copyright (C) 2018 rosysong@rosinson.com # # This is the sample for nft-qos configuration file, # which will generate a nftables script in /tmp/qos.nft # # Getting Started # Official site : # https://netfilter.org/projects/nftables/index.html # What is nftables : # https://wiki.nftables.org/wiki-nftables/index.php/Main_Page # # Basic Operations # Configuring Tables : # https://wiki.nftables.org/wiki-nftables/index.php/Configuring_tables # Configuring Chains : # https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains # Configuring Rules : # https://wiki.nftables.org/wiki-nftables/index.php/Simple_rule_management # Quick Reference (recommended) : # https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes # https://netfilter.org/projects/nftables/manpage.html # config default default # Enable Flag for limit rate option limit_enable '1' # Options for enable Static QoS (rate limit) option limit_type 'static' # Options for Static QoS (rate limit) option static_unit_dl 'kbytes' option static_unit_ul 'kbytes' option static_rate_dl '50' option static_rate_ul '50' # Options for enable Dynamic QoS # This option can not compatible with Static QoS # option limit_type 'dynamic' # For Dynamic QoS Samples (unit of bandwidth is Mbps): option dynamic_cidr '192.168.1.0/24' option dynamic_cidr6 'AAAA:BBBB::1/64' option dynamic_bw_up '100' option dynamic_bw_down '100' # White list for static/dynamic limit # list limit_whitelist '192.168.1.225' # list limit_whitelist '192.168.1.0/24' # list limit_whitelist 'ABCD:CDEF::1/64' # Option for Mac address based traffic control option limit_mac_enable '0' # Options for Traffic Priority option priority_enable '0' option priority_netdev 'lan' # # For Static QoS Rate Limit Samples : # # For Download : #config download # option hostname 'My PC' # option unit 'kbytes' # option ipaddr '192.168.1.224' # option rate '128' # # For Upload : #config upload # option hostname 'office-pc' # option unit 'mbytes' # option ipaddr 'ABCD:FFED::1/64' # option rate '1024' # # For MAC address based traffic control Samples : # #config client # option drunit 'kbytes' # option urunit 'kbytes' # option hostname 'tvbox' # option macaddr '00:00:00:00:00:00' # option drate '300' # option urate '30' # # Traffic Priority Samples : # # protocol : tcp, udp, udplite, sctp, dccp, tcp is default # priority : integer between 1-11, 1 is default and the highest # service : you can input a integer or service name, # e.g. '22', '11-22', 'telnet', 'ssh, http, ftp', etc # #config priority # option protocol 'tcp' # option priority '-400' # option service '23' # option comment '?' # #config priority # option protocol 'udp' # option priority '-400' # option service 'https' # option comment '?' # #config priority # option protocol 'dccp' # option priority '0' # option service '22-35' # option comment '?' # #config priority # option protocol 'dccp' # option priority '300' # option service 'ftp,ssh,http' # option comment '?' #