* [bug#49258] [PATCH] Add wondershaper package and service @ 2021-06-28 15:22 Aljosha Papsch 2021-06-28 15:22 ` [bug#49254] [PATCH 1/4] gnu: Add wondershaper Aljosha Papsch ` (4 more replies) 0 siblings, 5 replies; 11+ messages in thread From: Aljosha Papsch @ 2021-06-28 15:22 UTC (permalink / raw) To: 49258 Hello Guix! These patches add a package and service for Wonder Shaper, a nice little tool configuring traffic control. The defaults should suffice for desktop usage, with the exception of download-speed and upload-speed, which must be chosen according to your actual speeds. I forked the upstream repository and the package uses the fork. It's not meant as a long lived fork. Currently the tool doesn't provide a way to specify the config file, users are expected to edit the script. A patch is pending upstream (https://github.com/magnific0/wondershaper/pull/68) to add a CLI option but in the meantime wondershaper-service would have to jump through some hoops to specify the options. While at it, I also added two other options for the maximum rate and burst rate for the lowest priority traffic class. My goal is to make data exfiltration harder in a server environment and a custom rate seems just right for that. I plan to send these options upstream as well. If you don't like exposing non-upstream options, an alternative could be to instead expose a list of pairs for arbitrary additional options which get pasted into the configuration file. Best regards Aljosha ^ permalink raw reply [flat|nested] 11+ messages in thread
* [bug#49254] [PATCH 1/4] gnu: Add wondershaper. 2021-06-28 15:22 [bug#49258] [PATCH] Add wondershaper package and service Aljosha Papsch @ 2021-06-28 15:22 ` Aljosha Papsch 2021-06-30 20:15 ` Maxime Devos 2021-06-28 15:22 ` [bug#49255] [PATCH 2/4] gnu: Add wondershaper service Aljosha Papsch ` (3 subsequent siblings) 4 siblings, 1 reply; 11+ messages in thread From: Aljosha Papsch @ 2021-06-28 15:22 UTC (permalink / raw) To: 49254; +Cc: Aljosha Papsch * gnu/packages/networking.scm (wondershaper): New variable. --- gnu/packages/networking.scm | 45 +++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index 82c7a0161a..7374ad5dbc 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -65,6 +65,7 @@ #:use-module (guix download) #:use-module (guix git-download) #:use-module (guix build-system cmake) + #:use-module (guix build-system copy) #:use-module (guix build-system glib-or-gtk) #:use-module (guix build-system gnu) #:use-module (guix build-system go) @@ -4196,3 +4197,47 @@ IPv6 Internet connectivity - it also works over IPv4.") ;; version. This exception does not (and cannot) modify any license terms ;; which apply to the Application, with which you must still comply license:lgpl3))) + +(define-public wondershaper + (package + (name "wondershaper") + (version "1.4.1") + (source + (origin + (method git-fetch) + (uri + (git-reference + (url "https://github.com/apapsch/wondershaper") + (commit "0987dbb0c360184b8aacf391646e19ea9ee78b10"))) + (file-name (git-file-name name version)) + (sha256 + (base32 "1hyivkpvr5pv8wg64i7vgpxib4allbp4v1ahp3qhc1d88rkw7gjs")))) + (build-system copy-build-system) + (arguments + `(#:install-plan '(("./wondershaper" "./bin/")) + #:phases + (modify-phases %standard-phases + (add-after 'patch-shebangs 'patch-invoked-commands + (lambda* (#:key outputs inputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin"))) + (substitute* (string-append bin "/wondershaper") + (("^\\s*ip ") + (string-append (which "ip") " ")) + (("^\\s*modprobe ") + (string-append (which "modprobe") " ")) + (("^\\s*tc ") + (string-append (which "tc") " ")))) + #t))))) + (inputs + `(("iproute2" ,iproute) + ("kmod" ,kmod))) + (synopsis "Command-line utility for limiting an adapter's bandwidth") + (description "Wonder Shaper allows the user to limit the bandwidth of one +or more network adapters. It does so by using iproute's tc command, but +greatly simplifies its operation. Wonder Shaper was first released by Bert +Hubert in 2002. A subsequent release added a command-line interface. Wonder +Shaper makes use of tc's Hierarchical Token Bucket (HTB) queue, ensuring good +bandwidth management on high speed (above ten megabits) links.") + (home-page "https://github.com/magnific0/wondershaper") + (license license:gpl2))) -- 2.32.0 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* [bug#49254] [PATCH 1/4] gnu: Add wondershaper. 2021-06-28 15:22 ` [bug#49254] [PATCH 1/4] gnu: Add wondershaper Aljosha Papsch @ 2021-06-30 20:15 ` Maxime Devos 0 siblings, 0 replies; 11+ messages in thread From: Maxime Devos @ 2021-06-30 20:15 UTC (permalink / raw) To: Aljosha Papsch, 49254 [-- Attachment #1: Type: text/plain, Size: 1947 bytes --] Aljosha Papsch schreef op ma 28-06-2021 om 17:22 [+0200]: > + (git-reference > + (url "https://github.com/apapsch/wondershaper") > + (commit "0987dbb0c360184b8aacf391646e19ea9ee78b10"))) Best add a comment like ;; Use a fork that allows overriding the configuration file ‘We’ usually try to use upstream versions. > + (file-name (git-file-name name version)) > + (sha256 > + (base32 "1hyivkpvr5pv8wg64i7vgpxib4allbp4v1ahp3qhc1d88rkw7gjs")))) > + (build-system copy-build-system) > + (arguments > + `(#:install-plan '(("./wondershaper" "./bin/")) > + #:phases > + (modify-phases %standard-phases > + (add-after 'patch-shebangs 'patch-invoked-commands > + (lambda* (#:key outputs inputs #:allow-other-keys) > + (let* ((out (assoc-ref outputs "out")) > + (bin (string-append out "/bin"))) > + (substitute* (string-append bin "/wondershaper") > + (("^\\s*ip ") > + (string-append (which "ip") " ")) Using (which "blabla") is not correct when cross-compiling, as "which" looks in $PATH, but "iproute2" (and "kmod") won't be in $PATH when cross-compiling as they are 'inputs', not 'native-inputs' You'd need (search-input-file inputs "/bin/ip") (or maybe "/sbin/ip", I dunno). Actually, search-input-file is in core-updates, but not yet on 'master', so instead do (string-append (assoc-ref inputs "iproute2") "/bin/ip") or something like that. Looking at the source code, I see usage(){ cat << EOF so it seems you need to substitute "cat" as well (it is from coreutils). I'd recommend copying "wondershaper.conf" somewhere as well, and substituting "/etc/conf.d/wondershaper.conf" and "/etc/systemd/wondershaper.conf" in 'wondershaper' appropriately, so it will have some defaults. Greetings, Maxime. [-- Attachment #2: This is a digitally signed message part --] [-- Type: application/pgp-signature, Size: 260 bytes --] ^ permalink raw reply [flat|nested] 11+ messages in thread
* [bug#49255] [PATCH 2/4] gnu: Add wondershaper service. 2021-06-28 15:22 [bug#49258] [PATCH] Add wondershaper package and service Aljosha Papsch 2021-06-28 15:22 ` [bug#49254] [PATCH 1/4] gnu: Add wondershaper Aljosha Papsch @ 2021-06-28 15:22 ` Aljosha Papsch 2021-06-28 15:22 ` [bug#49256] [PATCH 3/4] guix.texi: Document wondershaper-service-type Aljosha Papsch ` (2 subsequent siblings) 4 siblings, 0 replies; 11+ messages in thread From: Aljosha Papsch @ 2021-06-28 15:22 UTC (permalink / raw) To: 49255; +Cc: Aljosha Papsch * gnu/services/networking.scm (wondershaper-configuration): New symbol. Configuration for wondershaper-service-type. * gnu/services/networking.scm (wondershaper-configuration?): New symbol. Predicate for wondershaper-configuration. * gnu/services/networking.scm (wondershaper-service-type): New symbol. One-shot service running wondershaper with a generated config file. --- gnu/services/networking.scm | 107 +++++++++++++++++++++++++++++++++++- 1 file changed, 106 insertions(+), 1 deletion(-) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 87b3d754a3..a17f41aa30 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -221,7 +221,11 @@ keepalived-configuration keepalived-configuration? - keepalived-service-type)) + keepalived-service-type + + wondershaper-configuration + wondershaper-configuration? + wondershaper-service-type)) ;;; Commentary: ;;; @@ -2190,4 +2194,105 @@ of the IPFS peer-to-peer storage network."))) "Run @uref{https://www.keepalived.org/, Keepalived} routing software."))) +\f +;;; +;;; Wondershaper +;;; + +(define %wondershaper-default-download-speed 2048) + +(define-record-type* <wondershaper-configuration> + wondershaper-configuration make-wondershaper-configuration + wondershaper-configuration? + (wondershaper wondershaper-configuration-wondershaper ;<package> + (default wondershaper)) + (interface wondershaper-configuration-interface ;string + (default "eth0")) + (download-speed wondershaper-configuration-download-speed ;number (kbps) + (default %wondershaper-default-download-speed)) + (upload-speed wondershaper-configuration-upload-speed ;number (kbps) + (default 512)) + (prio-3-rate wondershaper-configuration-prio-3-rate ;number (kbps) + (default (/ (* 20 %wondershaper-default-download-speed) 100))) + (prio-3-ceil wondershaper-configuration-prio-3-ceil + (default (/ (* 90 %wondershaper-default-download-speed) 100))) + (high-prio-dest wondershaper-configuration-high-prio-dest ;list of ip addresses + (default '())) + (no-prio-host-src wondershaper-configuration-no-prio-host-src ;list of ip addresses + (default '())) + (no-prio-host-dest wondershaper-configuration-no-prio-host-dest ;list of ip addresses + (default '())) + (no-prio-port-src wondershaper-configuration-no-prio-port-src ;list of port numbers + (default '())) + (no-prio-port-dest wondershaper-configuration-no-prio-port-dest ;list of port numbers + (default '()))) + +(define wondershaper-config-file + (match-lambda + (($ <wondershaper-configuration> _ interface download-speed + upload-speed prio-3-rate prio-3-ceil high-prio-dest + no-prio-host-src no-prio-host-dest + no-prio-port-src no-prio-port-dest) + (begin + (define (shell-quote str) + "Return STR wrapped in single quotes, with every single quote in the string escaped." + (let ((quote-char (lambda (chr) + (if (eq? chr #\') + "'\\''" + (string chr))))) + (string-append + "'" + (let loop ((chars (string->list str)) + (result "")) + (match chars + (() result) + ((head tail ...) + (loop tail + (string-append result + (quote-char head)))))) + "'"))) + (define (list->bash-array lst) + (string-append "(" (string-join (map shell-quote lst)) ")")) + (define (format-config) + (string-append + "IFACE=" (shell-quote interface) " +DSPEED=\"" (number->string download-speed) "\" +USPEED=\"" (number->string upload-speed) "\" +PRIO_3_RATE=\"" (number->string prio-3-rate) "\" +PRIO_3_CEIL=\"" (number->string prio-3-ceil) "\" +HIPRIODST=" (list->bash-array high-prio-dest) " +NOPRIOHOSTSRC=" (list->bash-array no-prio-host-src) " +NOPRIOHOSTDST=" (list->bash-array no-prio-host-dest) " +NOPRIOPORTSRC=" (list->bash-array (map number->string no-prio-port-src)) " +NOPRIOPORTDST=" (list->bash-array (map number->string no-prio-port-dest)) " +")) + (computed-file + "wondershaper.conf" + #~(call-with-output-file #$output + (lambda (port) + (display "# Generated by wondershaper-service\n" port) + (display #$(format-config) port)))))))) + +(define (wondershaper-shepherd-service config) + (match config + (($ <wondershaper-configuration> wondershaper) + (list (shepherd-service + (provision '(wondershaper)) + (documentation "Configure traffic control") + (requirement '(networking)) + (start #~(lambda _ + (invoke #$(file-append wondershaper "/bin/wondershaper") + "-p" "-f" #$(wondershaper-config-file config)))) + (one-shot? #t)))))) + +(define wondershaper-service-type + (service-type + (name 'wondershaper) + (extensions + (list (service-extension shepherd-root-service-type + wondershaper-shepherd-service))) + (default-value (wondershaper-configuration)) + (description "Run @uref{https://github.com/magnific0/wondershaper, +wondershaper}, a small utility script setting up traffic control (tc)."))) + ;;; networking.scm ends here -- 2.32.0 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* [bug#49256] [PATCH 3/4] guix.texi: Document wondershaper-service-type. 2021-06-28 15:22 [bug#49258] [PATCH] Add wondershaper package and service Aljosha Papsch 2021-06-28 15:22 ` [bug#49254] [PATCH 1/4] gnu: Add wondershaper Aljosha Papsch 2021-06-28 15:22 ` [bug#49255] [PATCH 2/4] gnu: Add wondershaper service Aljosha Papsch @ 2021-06-28 15:22 ` Aljosha Papsch 2021-06-28 15:22 ` [bug#49257] [PATCH 4/4] Add wondershaper related copright lines Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH v2] Revise wondershaper package Aljosha Papsch 4 siblings, 0 replies; 11+ messages in thread From: Aljosha Papsch @ 2021-06-28 15:22 UTC (permalink / raw) To: 49256; +Cc: Aljosha Papsch * doc/guix.texi: Document wondershaper-service-type and wondershaper-configuration fields. --- doc/guix.texi | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) diff --git a/doc/guix.texi b/doc/guix.texi index e71ec70859..14764bfae4 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -16890,6 +16890,79 @@ See @uref{https://www.torproject.org/docs/tor-hidden-service.html.en, the Tor project's documentation} for more information. @end deffn +@cindex Wondershaper +@defvr {Scheme Variable} wondershaper-service-type +This is the type for a service that runs +@uref{https://github.com/magnific0/wondershaper, Wonder Shaper} once +during boot. It configures traffic control (tc) with a Hierarchy Token +Bucket (htb) queue both for upload and download. For upload three +classes are added in order to prioritize traffic. Priority 1 is the +highest priority and priority 3 is the lowest priority. Interactive +traffic (e.g. ssh) is designated priority 1, while non-interactive +traffic is designated priority 2. Priority 3 is reserved for specially +configured ports and addresses. The service is configured using a +@code{<wondershaper-configuration>} record. Some options below are not +found in the original upstream release but are maintained +@uref{https://github.com/apapsch/wondershaper, in a fork} until merged. +These options are marked specially. + +@end defvr + +@deftp {Data Type} wondershaper-configuration +@table @asis +@item @code{wondershaper} (default: @code{wondershaper}) +The package that provides Wonder Shaper. This package is expected to +provide the script at @file{bin/wondershaper} relative to its output +directory. The default package is +@uref{https://github.com/apapsch/wondershaper, a fork of Wonder Shaper} +adding more configuration options. + +@item @code{interface} (default: @code{"eth0"}) +The interface for which the limits shall be applied. + +@item @code{download-speed} (default: @code{2048}) +Maximum download speed in kbits. Tune this parameter to be a bit less than +your actual download speed. + +@item @code{upload-speed} (default: @code{512}) +Maximum upload speed in kbits. Tune this parameter to be a bit less than +your actual upload speed. + +@item @code{prio-3-rate} (default: @code{download-speed * 20 / 100}) +Maximum rate (kbits) for the priority 3 class, which is the lowest priority for +upload traffic. In a desktop environment the default computed value +should suffice, while in a controlled environment you might want to set +a static value. This option exists only in the fork! + +@item @code{prio-3-ceil} (default: @code{download-speed * 90 / 100}) +Maximum burst rate (kbits) for the priority 3 class. The same remarks as +for @code{prio-3-rate} apply. This option exists only in the fork! + +@item @code{high-prio-dest} (default: @code{'()}) +List of destination IP addresses for which traffic is designated +priority 1. This applies to upload only. Note that SSH (not SCP), ICMP +and packets smaller than 64b are automatically designated priority 1 no +matter the destination address. + +@item @code{no-prio-host-src} (default: @code{'()}) +List of source IP addresses for which traffic is designated priority 3. +This applies to upload only. + +@item @code{no-prio-host-dest} (default: @code{'()}) +List of destination IP addresses for which traffic is designated +priority 3. This applies to upload only. + +@item @code{no-prio-port-src} (default: @code{'()}) +List of source port numbers for which traffic is designated priority 3. +This applies to upload only. + +@item @code{no-prio-port-dest} (default: @code{'()}) +List of destination port numbers for which traffic is designated +priority 3. This applies to upload only. + +@end table +@end deftp + The @code{(gnu services rsync)} module provides the following services: You might want an rsync daemon if you have files that you want available -- 2.32.0 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* [bug#49257] [PATCH 4/4] Add wondershaper related copright lines. 2021-06-28 15:22 [bug#49258] [PATCH] Add wondershaper package and service Aljosha Papsch ` (2 preceding siblings ...) 2021-06-28 15:22 ` [bug#49256] [PATCH 3/4] guix.texi: Document wondershaper-service-type Aljosha Papsch @ 2021-06-28 15:22 ` Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH v2] Revise wondershaper package Aljosha Papsch 4 siblings, 0 replies; 11+ messages in thread From: Aljosha Papsch @ 2021-06-28 15:22 UTC (permalink / raw) To: 49257; +Cc: Aljosha Papsch --- doc/guix.texi | 1 + gnu/packages/networking.scm | 1 + gnu/services/networking.scm | 1 + 3 files changed, 3 insertions(+) diff --git a/doc/guix.texi b/doc/guix.texi index 14764bfae4..2c86b00d49 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -90,6 +90,7 @@ Copyright @copyright{} 2020 Edgar Vincent@* Copyright @copyright{} 2021 Maxime Devos@* Copyright @copyright{} 2021 B. Wilson@* Copyright @copyright{} 2021 Xinglu Chen@* +Copyright @copyright{} 2021 Aljosha Papsch@* Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index 7374ad5dbc..878907f61f 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -43,6 +43,7 @@ ;;; Copyright © 2020 Hamzeh Nasajpour <h.nasajpour@pantherx.org> ;;; Copyright © 2020 Michael Rohleder <mike@rohleder.de> ;;; Copyright © 2021 Hartmut Goebel <h.goebel@crazy-compilers.com> +;;; Copyright © 2021 Aljosha Papsch <ep@stern-data.com> ;;; ;;; This file is part of GNU Guix. ;;; diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index a17f41aa30..c48cf50452 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -17,6 +17,7 @@ ;;; Copyright © 2021 Oleg Pykhalov <go.wigust@gmail.com> ;;; Copyright © 2021 Christopher Lemmer Webber <cwebber@dustycloud.org> ;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be> +;;; Copyright © 2021 Aljosha Papsch <ep@stern-data.com> ;;; ;;; This file is part of GNU Guix. ;;; -- 2.32.0 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* [bug#49258] [PATCH v2] Revise wondershaper package 2021-06-28 15:22 [bug#49258] [PATCH] Add wondershaper package and service Aljosha Papsch ` (3 preceding siblings ...) 2021-06-28 15:22 ` [bug#49257] [PATCH 4/4] Add wondershaper related copright lines Aljosha Papsch @ 2021-07-09 13:54 ` Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 1/4] gnu: Add wondershaper Aljosha Papsch ` (3 more replies) 4 siblings, 4 replies; 11+ messages in thread From: Aljosha Papsch @ 2021-07-09 13:54 UTC (permalink / raw) To: 49258 Hello, this new patch version takes care of the points raised by Maxime (https://issues.guix.gnu.org/49254#2): * add a comment describing why a fork is used * replace (which ...) with (string-append (assoc-ref inputs ...) ...). * copy config file to store and substitute store file as fallback config. * substitute "cat" with full name from coreutils package. Please take another look at these patches. Thanks ^ permalink raw reply [flat|nested] 11+ messages in thread
* [bug#49258] [PATCH 1/4] gnu: Add wondershaper. 2021-07-09 13:54 ` [bug#49258] [PATCH v2] Revise wondershaper package Aljosha Papsch @ 2021-07-09 13:54 ` Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 2/4] gnu: Add wondershaper service Aljosha Papsch ` (2 subsequent siblings) 3 siblings, 0 replies; 11+ messages in thread From: Aljosha Papsch @ 2021-07-09 13:54 UTC (permalink / raw) To: 49258; +Cc: Aljosha Papsch * gnu/packages/networking.scm (wondershaper): New variable. --- gnu/packages/networking.scm | 51 +++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index fe73c9cdc7..920d01d8e5 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -64,6 +64,7 @@ #:use-module (guix download) #:use-module (guix git-download) #:use-module (guix build-system cmake) + #:use-module (guix build-system copy) #:use-module (guix build-system glib-or-gtk) #:use-module (guix build-system gnu) #:use-module (guix build-system go) @@ -4069,3 +4070,53 @@ IPv6 Internet connectivity - it also works over IPv4.") ;; version. This exception does not (and cannot) modify any license terms ;; which apply to the Application, with which you must still comply license:lgpl3))) + +(define-public wondershaper + (package + (name "wondershaper") + (version "1.4.1") + (source + (origin + (method git-fetch) + (uri + ;; Use a fork that allows overriding the configuration file + (git-reference + (url "https://github.com/apapsch/wondershaper") + (commit "0987dbb0c360184b8aacf391646e19ea9ee78b10"))) + (file-name (git-file-name name version)) + (sha256 + (base32 "1hyivkpvr5pv8wg64i7vgpxib4allbp4v1ahp3qhc1d88rkw7gjs")))) + (build-system copy-build-system) + (arguments + `(#:install-plan '(("./wondershaper" "./bin/") + ("./wondershaper.conf" "./etc/")) + #:phases + (modify-phases %standard-phases + (add-after 'patch-shebangs 'patch-invoked-commands + (lambda* (#:key outputs inputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out"))) + (substitute* (string-append out "/bin/wondershaper") + (("^\\s*ip ") + (string-append (assoc-ref inputs "iproute2") "/sbin/ip ")) + (("^\\s*modprobe ") + (string-append (assoc-ref inputs "kmod") "/bin/modprobe ")) + (("^\\s*tc ") + (string-append (assoc-ref inputs "iproute2") "/sbin/tc ")) + (("^\\s*cat ") + (string-append (assoc-ref inputs "coreutils") "/bin/cat ")) + (("/etc/.+/wondershaper.conf") + (string-append out "/etc/wondershaper.conf")))) + #t))))) + (inputs + `(("coreutils" ,coreutils) + ("iproute2" ,iproute) + ("kmod" ,kmod))) + (synopsis "Command-line utility for limiting an adapter's bandwidth") + (description "Wonder Shaper allows the user to limit the bandwidth of one +or more network adapters. It does so by using iproute's tc command, but +greatly simplifies its operation. Wonder Shaper was first released by Bert +Hubert in 2002. A subsequent release added a command-line interface. Wonder +Shaper makes use of tc's Hierarchical Token Bucket (HTB) queue, ensuring good +bandwidth management on high speed (above ten megabits) links.") + (home-page "https://github.com/magnific0/wondershaper") + (license license:gpl2))) -- 2.32.0 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* [bug#49258] [PATCH 2/4] gnu: Add wondershaper service. 2021-07-09 13:54 ` [bug#49258] [PATCH v2] Revise wondershaper package Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 1/4] gnu: Add wondershaper Aljosha Papsch @ 2021-07-09 13:54 ` Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 3/4] guix.texi: Document wondershaper-service-type Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 4/4] Add wondershaper related copright lines Aljosha Papsch 3 siblings, 0 replies; 11+ messages in thread From: Aljosha Papsch @ 2021-07-09 13:54 UTC (permalink / raw) To: 49258; +Cc: Aljosha Papsch * gnu/services/networking.scm (wondershaper-configuration): New symbol. Configuration for wondershaper-service-type. * gnu/services/networking.scm (wondershaper-configuration?): New symbol. Predicate for wondershaper-configuration. * gnu/services/networking.scm (wondershaper-service-type): New symbol. One-shot service running wondershaper with a generated config file. --- gnu/services/networking.scm | 107 +++++++++++++++++++++++++++++++++++- 1 file changed, 106 insertions(+), 1 deletion(-) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 1ae58041d3..1d3e061758 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -218,7 +218,11 @@ keepalived-configuration keepalived-configuration? - keepalived-service-type)) + keepalived-service-type + + wondershaper-configuration + wondershaper-configuration? + wondershaper-service-type)) ;;; Commentary: ;;; @@ -2151,4 +2155,105 @@ of the IPFS peer-to-peer storage network."))) "Run @uref{https://www.keepalived.org/, Keepalived} routing software."))) +\f +;;; +;;; Wondershaper +;;; + +(define %wondershaper-default-download-speed 2048) + +(define-record-type* <wondershaper-configuration> + wondershaper-configuration make-wondershaper-configuration + wondershaper-configuration? + (wondershaper wondershaper-configuration-wondershaper ;<package> + (default wondershaper)) + (interface wondershaper-configuration-interface ;string + (default "eth0")) + (download-speed wondershaper-configuration-download-speed ;number (kbps) + (default %wondershaper-default-download-speed)) + (upload-speed wondershaper-configuration-upload-speed ;number (kbps) + (default 512)) + (prio-3-rate wondershaper-configuration-prio-3-rate ;number (kbps) + (default (/ (* 20 %wondershaper-default-download-speed) 100))) + (prio-3-ceil wondershaper-configuration-prio-3-ceil + (default (/ (* 90 %wondershaper-default-download-speed) 100))) + (high-prio-dest wondershaper-configuration-high-prio-dest ;list of ip addresses + (default '())) + (no-prio-host-src wondershaper-configuration-no-prio-host-src ;list of ip addresses + (default '())) + (no-prio-host-dest wondershaper-configuration-no-prio-host-dest ;list of ip addresses + (default '())) + (no-prio-port-src wondershaper-configuration-no-prio-port-src ;list of port numbers + (default '())) + (no-prio-port-dest wondershaper-configuration-no-prio-port-dest ;list of port numbers + (default '()))) + +(define wondershaper-config-file + (match-lambda + (($ <wondershaper-configuration> _ interface download-speed + upload-speed prio-3-rate prio-3-ceil high-prio-dest + no-prio-host-src no-prio-host-dest + no-prio-port-src no-prio-port-dest) + (begin + (define (shell-quote str) + "Return STR wrapped in single quotes, with every single quote in the string escaped." + (let ((quote-char (lambda (chr) + (if (eq? chr #\') + "'\\''" + (string chr))))) + (string-append + "'" + (let loop ((chars (string->list str)) + (result "")) + (match chars + (() result) + ((head tail ...) + (loop tail + (string-append result + (quote-char head)))))) + "'"))) + (define (list->bash-array lst) + (string-append "(" (string-join (map shell-quote lst)) ")")) + (define (format-config) + (string-append + "IFACE=" (shell-quote interface) " +DSPEED=\"" (number->string download-speed) "\" +USPEED=\"" (number->string upload-speed) "\" +PRIO_3_RATE=\"" (number->string prio-3-rate) "\" +PRIO_3_CEIL=\"" (number->string prio-3-ceil) "\" +HIPRIODST=" (list->bash-array high-prio-dest) " +NOPRIOHOSTSRC=" (list->bash-array no-prio-host-src) " +NOPRIOHOSTDST=" (list->bash-array no-prio-host-dest) " +NOPRIOPORTSRC=" (list->bash-array (map number->string no-prio-port-src)) " +NOPRIOPORTDST=" (list->bash-array (map number->string no-prio-port-dest)) " +")) + (computed-file + "wondershaper.conf" + #~(call-with-output-file #$output + (lambda (port) + (display "# Generated by wondershaper-service\n" port) + (display #$(format-config) port)))))))) + +(define (wondershaper-shepherd-service config) + (match config + (($ <wondershaper-configuration> wondershaper) + (list (shepherd-service + (provision '(wondershaper)) + (documentation "Configure traffic control") + (requirement '(networking)) + (start #~(lambda _ + (invoke #$(file-append wondershaper "/bin/wondershaper") + "-p" "-f" #$(wondershaper-config-file config)))) + (one-shot? #t)))))) + +(define wondershaper-service-type + (service-type + (name 'wondershaper) + (extensions + (list (service-extension shepherd-root-service-type + wondershaper-shepherd-service))) + (default-value (wondershaper-configuration)) + (description "Run @uref{https://github.com/magnific0/wondershaper, +wondershaper}, a small utility script setting up traffic control (tc)."))) + ;;; networking.scm ends here -- 2.32.0 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* [bug#49258] [PATCH 3/4] guix.texi: Document wondershaper-service-type. 2021-07-09 13:54 ` [bug#49258] [PATCH v2] Revise wondershaper package Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 1/4] gnu: Add wondershaper Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 2/4] gnu: Add wondershaper service Aljosha Papsch @ 2021-07-09 13:54 ` Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 4/4] Add wondershaper related copright lines Aljosha Papsch 3 siblings, 0 replies; 11+ messages in thread From: Aljosha Papsch @ 2021-07-09 13:54 UTC (permalink / raw) To: 49258; +Cc: Aljosha Papsch * doc/guix.texi: Document wondershaper-service-type and wondershaper-configuration fields. --- doc/guix.texi | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) diff --git a/doc/guix.texi b/doc/guix.texi index 18bc600440..58238f5935 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -16945,6 +16945,79 @@ See @uref{https://www.torproject.org/docs/tor-hidden-service.html.en, the Tor project's documentation} for more information. @end deffn +@cindex Wondershaper +@defvr {Scheme Variable} wondershaper-service-type +This is the type for a service that runs +@uref{https://github.com/magnific0/wondershaper, Wonder Shaper} once +during boot. It configures traffic control (tc) with a Hierarchy Token +Bucket (htb) queue both for upload and download. For upload three +classes are added in order to prioritize traffic. Priority 1 is the +highest priority and priority 3 is the lowest priority. Interactive +traffic (e.g. ssh) is designated priority 1, while non-interactive +traffic is designated priority 2. Priority 3 is reserved for specially +configured ports and addresses. The service is configured using a +@code{<wondershaper-configuration>} record. Some options below are not +found in the original upstream release but are maintained +@uref{https://github.com/apapsch/wondershaper, in a fork} until merged. +These options are marked specially. + +@end defvr + +@deftp {Data Type} wondershaper-configuration +@table @asis +@item @code{wondershaper} (default: @code{wondershaper}) +The package that provides Wonder Shaper. This package is expected to +provide the script at @file{bin/wondershaper} relative to its output +directory. The default package is +@uref{https://github.com/apapsch/wondershaper, a fork of Wonder Shaper} +adding more configuration options. + +@item @code{interface} (default: @code{"eth0"}) +The interface for which the limits shall be applied. + +@item @code{download-speed} (default: @code{2048}) +Maximum download speed in kbits. Tune this parameter to be a bit less than +your actual download speed. + +@item @code{upload-speed} (default: @code{512}) +Maximum upload speed in kbits. Tune this parameter to be a bit less than +your actual upload speed. + +@item @code{prio-3-rate} (default: @code{download-speed * 20 / 100}) +Maximum rate (kbits) for the priority 3 class, which is the lowest priority for +upload traffic. In a desktop environment the default computed value +should suffice, while in a controlled environment you might want to set +a static value. This option exists only in the fork! + +@item @code{prio-3-ceil} (default: @code{download-speed * 90 / 100}) +Maximum burst rate (kbits) for the priority 3 class. The same remarks as +for @code{prio-3-rate} apply. This option exists only in the fork! + +@item @code{high-prio-dest} (default: @code{'()}) +List of destination IP addresses for which traffic is designated +priority 1. This applies to upload only. Note that SSH (not SCP), ICMP +and packets smaller than 64b are automatically designated priority 1 no +matter the destination address. + +@item @code{no-prio-host-src} (default: @code{'()}) +List of source IP addresses for which traffic is designated priority 3. +This applies to upload only. + +@item @code{no-prio-host-dest} (default: @code{'()}) +List of destination IP addresses for which traffic is designated +priority 3. This applies to upload only. + +@item @code{no-prio-port-src} (default: @code{'()}) +List of source port numbers for which traffic is designated priority 3. +This applies to upload only. + +@item @code{no-prio-port-dest} (default: @code{'()}) +List of destination port numbers for which traffic is designated +priority 3. This applies to upload only. + +@end table +@end deftp + The @code{(gnu services rsync)} module provides the following services: You might want an rsync daemon if you have files that you want available -- 2.32.0 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* [bug#49258] [PATCH 4/4] Add wondershaper related copright lines. 2021-07-09 13:54 ` [bug#49258] [PATCH v2] Revise wondershaper package Aljosha Papsch ` (2 preceding siblings ...) 2021-07-09 13:54 ` [bug#49258] [PATCH 3/4] guix.texi: Document wondershaper-service-type Aljosha Papsch @ 2021-07-09 13:54 ` Aljosha Papsch 3 siblings, 0 replies; 11+ messages in thread From: Aljosha Papsch @ 2021-07-09 13:54 UTC (permalink / raw) To: 49258; +Cc: Aljosha Papsch --- doc/guix.texi | 8 ++++++-- gnu/packages/networking.scm | 1 + gnu/services/networking.scm | 1 + 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 58238f5935..b07c7d7ebe 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -91,7 +91,7 @@ Copyright @copyright{} 2020 Edgar Vincent@* Copyright @copyright{} 2021 Maxime Devos@* Copyright @copyright{} 2021 B. Wilson@* Copyright @copyright{} 2021 Xinglu Chen@* -Copyright @copyright{} 2021 Raghav Gururajan@* +Copyright @copyright{} 2021 Aljosha Papsch@* Copyright @copyright{} 2021 Domagoj Stolfa@* Copyright @copyright{} 2021 Hui Lu@* @@ -864,6 +864,7 @@ version 0.1.0 or later; @item @uref{https://www.nongnu.org/guile-avahi/, Guile-Avahi}; @item @uref{https://gitlab.com/guile-git/guile-git, Guile-Git}, version 0.5.0 + or later; @item @uref{https://savannah.nongnu.org/projects/guile-json/, Guile-JSON} 4.3.0 or later; @@ -3740,6 +3741,7 @@ other substitute server. @cindex ACL (access control list), for substitutes To allow Guix to download substitutes from @code{@value{SUBSTITUTE-SERVER-1}}, @code{@value{SUBSTITUTE-SERVER-2}} or a mirror, you must add the relevant public key to the access control list (ACL) of archive + imports, using the @command{guix archive} command (@pxref{Invoking guix archive}). Doing so implies that you trust the substitute server to not be compromised and to serve genuine substitutes. @@ -18817,6 +18819,7 @@ Specifies whether to support HTTP keep-alive connections. Defaults to @samp{#t}. @end deftypevr + @deftypevr {@code{cups-configuration} parameter} non-negative-integer limit-request-body Specifies the maximum size of print files, IPP requests, and HTML form data. A limit of 0 disables the limit check. @@ -27233,6 +27236,7 @@ Defaults to @samp{#f}. @end deftypevr + @c %end of automatic openvpn-server documentation @subheading strongSwan @@ -35513,4 +35517,4 @@ providing artwork and themes, making suggestions, and more---thank you! @c Local Variables: @c ispell-local-dictionary: "american"; -@c End: +@c End: \ No newline at end of file diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm index 920d01d8e5..4feffcd2c7 100644 --- a/gnu/packages/networking.scm +++ b/gnu/packages/networking.scm @@ -42,6 +42,7 @@ ;;; Copyright © 2020 Hamzeh Nasajpour <h.nasajpour@pantherx.org> ;;; Copyright © 2020 Michael Rohleder <mike@rohleder.de> ;;; Copyright © 2021 Hartmut Goebel <h.goebel@crazy-compilers.com> +;;; Copyright © 2021 Aljosha Papsch <ep@stern-data.com> ;;; ;;; This file is part of GNU Guix. ;;; diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 1d3e061758..4fb9c788d4 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -17,6 +17,7 @@ ;;; Copyright © 2021 Oleg Pykhalov <go.wigust@gmail.com> ;;; Copyright © 2021 Christopher Lemmer Webber <cwebber@dustycloud.org> ;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be> +;;; Copyright © 2021 Aljosha Papsch <ep@stern-data.com> ;;; ;;; This file is part of GNU Guix. ;;; -- 2.32.0 ^ permalink raw reply related [flat|nested] 11+ messages in thread
end of thread, other threads:[~2021-07-09 14:22 UTC | newest] Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-06-28 15:22 [bug#49258] [PATCH] Add wondershaper package and service Aljosha Papsch 2021-06-28 15:22 ` [bug#49254] [PATCH 1/4] gnu: Add wondershaper Aljosha Papsch 2021-06-30 20:15 ` Maxime Devos 2021-06-28 15:22 ` [bug#49255] [PATCH 2/4] gnu: Add wondershaper service Aljosha Papsch 2021-06-28 15:22 ` [bug#49256] [PATCH 3/4] guix.texi: Document wondershaper-service-type Aljosha Papsch 2021-06-28 15:22 ` [bug#49257] [PATCH 4/4] Add wondershaper related copright lines Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH v2] Revise wondershaper package Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 1/4] gnu: Add wondershaper Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 2/4] gnu: Add wondershaper service Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 3/4] guix.texi: Document wondershaper-service-type Aljosha Papsch 2021-07-09 13:54 ` [bug#49258] [PATCH 4/4] Add wondershaper related copright lines Aljosha Papsch
Code repositories for project(s) associated with this public inbox https://git.savannah.gnu.org/cgit/guix.git This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).