From f9051746eea00988e92a6f099160a1ac80069d64 Mon Sep 17 00:00:00 2001 From: kev Date: Sun, 27 Sep 2015 10:38:41 +0800 Subject: [PATCH] update --- iptables/Dockerfile | 2 +- iptables/README.md | 27 +++++++++++++++++++++++---- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/iptables/Dockerfile b/iptables/Dockerfile index 326bbe9..014bd71 100644 --- a/iptables/Dockerfile +++ b/iptables/Dockerfile @@ -10,7 +10,7 @@ RUN apk add -U iproute2 ENV TCP_PORTS 80,443 ENV UDP_PORTS 53 ENV RATE 1mbit -ENV BURST 1mbit +ENV BURST 1kb ENV LATENCY 50ms ENV INTERVAL 60 diff --git a/iptables/README.md b/iptables/README.md index 77727a4..19fa289 100644 --- a/iptables/README.md +++ b/iptables/README.md @@ -1,8 +1,10 @@ iptables ======== -- iptables: filter ports -- tc: control traffic +![](https://badge.imagelayers.io/vimagick/iptables:latest.svg) + +- _iptables_: filter ports (allow: 53/UDP, 80/TCP, 443/TCP) +- _tc_: control traffic via [tbf][1] ## docker-compose.yml @@ -12,7 +14,7 @@ shadowsocks: environment: - DNS_ADDR=8.8.8.8 - METHOD=chacha20 - - PASSWORD=GUB61zGB2 + - PASSWORD=9MLSpPmNt net: container:iptables restart: always @@ -24,8 +26,25 @@ iptables: - TCP_PORTS=80,443 - UDP_PORTS=53 - RATE=4mbit - - BURST=4mbit + - BURST=4kb cap_add: - NET_ADMIN restart: always ``` + +## Up and Running + +``` +$ docker-compose up -d +Creating shadowsocks_iptables_1... +Creating shadowsocks_shadowsocks_1... + +$ docker-compose logs +Every 60s: tc -s qdisc ls dev eth0 2015-09-27 02:27:57 +iptables_1 | +iptables_1 | qdisc tbf 8012: root refcnt 2 rate 4Mbit burst 4Kb lat 50.0ms +iptables_1 | Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) +iptables_1 | backlog 0b 0p requeues 0 +``` + +[1]: http://linux.die.net/man/8/tc-tbf