From patchwork Tue Jan 19 23:40:50 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Marley X-Patchwork-Id: 570172 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from arrakis.dune.hu (arrakis.dune.hu [78.24.191.176]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id B5C72140317 for ; Wed, 20 Jan 2016 10:41:34 +1100 (AEDT) Received: from arrakis.dune.hu (localhost [127.0.0.1]) by arrakis.dune.hu (Postfix) with ESMTP id B739B28BB5F; Wed, 20 Jan 2016 00:40:47 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on arrakis.dune.hu X-Spam-Level: X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.3.2 Received: from arrakis.dune.hu (localhost [127.0.0.1]) by arrakis.dune.hu (Postfix) with ESMTP id 7576A28000F for ; Wed, 20 Jan 2016 00:40:19 +0100 (CET) X-policyd-weight: using cached result; rate: -4.7 Received: from cdptpa-oedge-vip.email.rr.com (cdptpa-outbound-snat.email.rr.com [107.14.166.229]) by arrakis.dune.hu (Postfix) with ESMTP for ; Wed, 20 Jan 2016 00:40:18 +0100 (CET) Received: from [172.74.115.16] ([172.74.115.16:51672] helo=michaelmarley.com) by cdptpa-oedge01 (envelope-from ) (ecelerity 3.5.0.35861 r(Momo-dev:tip)) with ESMTP id EB/55-11985-889CE965; Tue, 19 Jan 2016 23:40:57 +0000 Received: from mamarley-desktop.lan (unknown [IPv6:fd42:97bf:bc5e:4:88a4:539f:2980:ba45]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: michael) by michaelmarley.com (Postfix) with ESMTPSA id 2F11D18004F; Tue, 19 Jan 2016 18:40:56 -0500 (EST) From: Michael Marley To: nbd@openwrt.org Date: Tue, 19 Jan 2016 18:40:50 -0500 Message-Id: <1453246850-23456-1-git-send-email-michael@michaelmarley.com> X-Mailer: git-send-email 2.7.0 X-RR-Connecting-IP: 107.14.168.118:25 X-Cloudmark-Score: 0 Cc: openwrt-devel@lists.openwrt.org Subject: [OpenWrt-Devel] [PATCH] qos-scripts: Fix classification of ingress traffic X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openwrt-devel-bounces@lists.openwrt.org Sender: "openwrt-devel" Set the save-mark mask for the qos_${cg} chain to 0xff instead of 0xf0. With the old value, the nibble that was saved would be masked during the restore, preventing ingress traffic from being classified. Thanks to nbd for recommending the fix. Signed-off-by: Michael Marley --- package/network/config/qos-scripts/files/usr/lib/qos/generate.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh b/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh index 8d22b67..caa1125 100755 --- a/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh +++ b/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh @@ -427,7 +427,7 @@ ${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg}_ct -j CONNMARK --save iptables -t mangle -A qos_${cg} -j CONNMARK --restore-mark --mask 0x0f iptables -t mangle -A qos_${cg} -m mark --mark 0/0x0f -j qos_${cg}_ct $pktrules -${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg} -j CONNMARK --save-mark --mask 0xf0} +${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg} -j CONNMARK --save-mark --mask 0xff} $up$N${down:+${down}$N} EOF unset INSMOD