feat: Replace SQM with per-client speed control for paid WiFi upgrade
Add parahub-speed-control script (nftables set + tc HTB) for per-IP speed shaping. Free tier 512kbps, paid tier unlimited. Heartbeat now parses paid_clients from API response and syncs nftables set. Replaced sqm-scripts/kmod-sched-cake/luci-app-sqm packages with tc-full/kmod-ifb/kmod-sched-htb. Section 8 of uci-defaults creates init.d service for speed control instead of SQM config. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
74
files/usr/bin/parahub-speed-control
Executable file
74
files/usr/bin/parahub-speed-control
Executable file
@@ -0,0 +1,74 @@
|
||||
#!/bin/sh
|
||||
# Parahub Mesh — Per-client speed control
|
||||
# Free tier: 512kbps (default), Paid tier: full speed (via nftables set + tc HTB)
|
||||
#
|
||||
# Usage: parahub-speed-control init|add <ip>|remove <ip>|list|flush
|
||||
|
||||
IFACE="br-guest"
|
||||
SLOW_RATE="512kbit"
|
||||
|
||||
case "$1" in
|
||||
init)
|
||||
# Remove SQM if active
|
||||
/etc/init.d/sqm stop 2>/dev/null
|
||||
/etc/init.d/sqm disable 2>/dev/null
|
||||
|
||||
# --- Egress shaping (router → client, i.e. download for client) ---
|
||||
tc qdisc del dev $IFACE root 2>/dev/null
|
||||
tc qdisc add dev $IFACE root handle 1: htb default 10
|
||||
tc class add dev $IFACE parent 1: classid 1:1 htb rate 1000mbit
|
||||
tc class add dev $IFACE parent 1:1 classid 1:10 htb rate $SLOW_RATE ceil $SLOW_RATE # free tier
|
||||
tc class add dev $IFACE parent 1:1 classid 1:20 htb rate 1000mbit # paid tier
|
||||
tc qdisc add dev $IFACE parent 1:10 fq_codel
|
||||
tc qdisc add dev $IFACE parent 1:20 fq_codel
|
||||
|
||||
# tc filter: packets with mark 0x20 → paid class
|
||||
tc filter add dev $IFACE parent 1: protocol ip handle 0x20 fw flowid 1:20
|
||||
|
||||
# --- Ingress shaping (client → router, i.e. upload for client) via IFB ---
|
||||
ip link add ifb-guest type ifb 2>/dev/null
|
||||
ip link set ifb-guest up
|
||||
tc qdisc del dev $IFACE ingress 2>/dev/null
|
||||
tc qdisc add dev $IFACE ingress
|
||||
tc filter add dev $IFACE parent ffff: protocol ip u32 match u32 0 0 action mirred egress redirect dev ifb-guest
|
||||
|
||||
tc qdisc del dev ifb-guest root 2>/dev/null
|
||||
tc qdisc add dev ifb-guest root handle 1: htb default 10
|
||||
tc class add dev ifb-guest parent 1: classid 1:1 htb rate 1000mbit
|
||||
tc class add dev ifb-guest parent 1:1 classid 1:10 htb rate $SLOW_RATE ceil $SLOW_RATE
|
||||
tc class add dev ifb-guest parent 1:1 classid 1:20 htb rate 1000mbit
|
||||
tc qdisc add dev ifb-guest parent 1:10 fq_codel
|
||||
tc qdisc add dev ifb-guest parent 1:20 fq_codel
|
||||
tc filter add dev ifb-guest parent 1: protocol ip handle 0x20 fw flowid 1:20
|
||||
|
||||
# --- nftables: paid_clients set + mark rules ---
|
||||
nft add table inet parahub 2>/dev/null
|
||||
nft flush table inet parahub 2>/dev/null
|
||||
nft add set inet parahub paid_clients '{ type ipv4_addr; }'
|
||||
nft add chain inet parahub speed_mark '{ type filter hook forward priority -150; }'
|
||||
nft add rule inet parahub speed_mark ip daddr @paid_clients meta mark set 0x20
|
||||
nft add rule inet parahub speed_mark ip saddr @paid_clients meta mark set 0x20
|
||||
|
||||
logger -t parahub-speed "Speed control initialized: free=${SLOW_RATE}, paid=unlimited"
|
||||
;;
|
||||
add)
|
||||
[ -z "$2" ] && echo "Usage: $0 add <ip>" && exit 1
|
||||
nft add element inet parahub paid_clients "{ $2 }" 2>/dev/null
|
||||
logger -t parahub-speed "Added paid client: $2"
|
||||
;;
|
||||
remove)
|
||||
[ -z "$2" ] && echo "Usage: $0 remove <ip>" && exit 1
|
||||
nft delete element inet parahub paid_clients "{ $2 }" 2>/dev/null
|
||||
logger -t parahub-speed "Removed paid client: $2"
|
||||
;;
|
||||
list)
|
||||
nft list set inet parahub paid_clients 2>/dev/null
|
||||
;;
|
||||
flush)
|
||||
nft flush set inet parahub paid_clients 2>/dev/null
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {init|add <ip>|remove <ip>|list|flush}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
Reference in New Issue
Block a user