|
|
@ -7,7 +7,7 @@ IF="eth0" |
|
|
|
#limit of the network interface in question |
|
|
|
LINKCEIL="1gbit" |
|
|
|
#limit outbound Bitcoin protocol traffic to this rate |
|
|
|
LIMIT="160kbit" |
|
|
|
LIMIT="4mbit" |
|
|
|
#defines the IPv4 address space for which you wish to disable rate limiting |
|
|
|
LOCALNET_V4="192.168.0.0/16" |
|
|
|
#defines the IPv6 address space for which you wish to disable rate limiting |
|
|
@ -44,16 +44,16 @@ fi |
|
|
|
# ret=$? |
|
|
|
#done |
|
|
|
|
|
|
|
#limit outgoing traffic to and from port 8333. but not when dealing with a host on the local network |
|
|
|
#limit outgoing traffic to and from port 8888. but not when dealing with a host on the local network |
|
|
|
# (defined by $LOCALNET_V4 and $LOCALNET_V6) |
|
|
|
# --set-mark marks packages matching these criteria with the number "2" (v4) |
|
|
|
# --set-mark marks packages matching these criteria with the number "4" (v6) |
|
|
|
# these packets are filtered by the tc filter with "handle 2" |
|
|
|
# this filter sends the packages into the 1:11 class, and this class is limited to ${LIMIT} |
|
|
|
iptables -t mangle -A OUTPUT -p tcp -m tcp --dport 8333 ! -d ${LOCALNET_V4} -j MARK --set-mark 0x2 |
|
|
|
iptables -t mangle -A OUTPUT -p tcp -m tcp --sport 8333 ! -d ${LOCALNET_V4} -j MARK --set-mark 0x2 |
|
|
|
iptables -t mangle -A OUTPUT -p tcp -m tcp --dport 8888 ! -d ${LOCALNET_V4} -j MARK --set-mark 0x2 |
|
|
|
iptables -t mangle -A OUTPUT -p tcp -m tcp --sport 8888 ! -d ${LOCALNET_V4} -j MARK --set-mark 0x2 |
|
|
|
|
|
|
|
if [ ! -z "${LOCALNET_V6}" ] ; then |
|
|
|
ip6tables -t mangle -A OUTPUT -p tcp -m tcp --dport 8333 ! -d ${LOCALNET_V6} -j MARK --set-mark 0x4 |
|
|
|
ip6tables -t mangle -A OUTPUT -p tcp -m tcp --sport 8333 ! -d ${LOCALNET_V6} -j MARK --set-mark 0x4 |
|
|
|
ip6tables -t mangle -A OUTPUT -p tcp -m tcp --dport 8888 ! -d ${LOCALNET_V6} -j MARK --set-mark 0x4 |
|
|
|
ip6tables -t mangle -A OUTPUT -p tcp -m tcp --sport 8888 ! -d ${LOCALNET_V6} -j MARK --set-mark 0x4 |
|
|
|
fi |
|
|
|