[Cerowrt-devel] Fwd: Making sqm-scripts compatible with other packages (e.g. mwan3 multiwan)

Mon Apr 14 15:57:42 EDT 2014

some feedback on sqm. It's not clear to me how to mask out the
stuff in the tc filter....

---------- Forwarded message ----------
From: Kostas Papadopoulos
Date: Mon, Apr 14, 2014 at 11:35 AM
Subject: Making sqm-scripts compatible with other packages (e.g. mwan3 multiwan)
To: dave.taht at gmail.com

Hi David,

I was looking at the sqm-scripts you recently posted at
http://patchwork.openwrt.org/patch/5078/
https://github.com/dtaht/ceropackages-3.10/tree/master/net/sqm-scripts

and noticed that the way sqm-scripts using the iptables' mark feature
makes it incompatible with other packages which also use mark, such as
the mwan3 multiwan script. Please consider updating sqm-scripts to use
a /0xff mask, like qos-scripts does (it'd conflict with qos-scripts,
but it's of little concern since since qos-scripts and sqm-scripts
shouldn't be used together anyway).

Best regards,
KP

PS: iptables mark is a 32 bits field which you can manipulate. With a
mask (much like an ip subnetmask) you can tell which bits to write.
You'd need to replace "-j MARK --set-mark 0x1" with "-j MARK
--set-mark 0x1/0xff" which will only write over the first eight bits.
In this last case it would be compatible, as e.g. mwan3 uses bits 9 -
16

grep mark net/sqm-scripts/files/usr/lib/sqm/*

simple.qos:# this cleanly shows a means of going from diffserv marking
simple.qos:ipt -t mangle -A QOS_MARK_${IFACE} -j MARK --set-mark 0x2
simple.qos:ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class CS1
-j MARK --set-mark 0x3
simple.qos:ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class CS6
-j MARK --set-mark 0x1
simple.qos:ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class EF
-j MARK --set-mark 0x1
simple.qos:ipt -t mangle -A QOS_MARK_${IFACE} -m dscp --dscp-class
AF42 -j MARK --set-mark 0x1
simple.qos:ipt -t mangle -A QOS_MARK_${IFACE} -m tos  --tos
Minimize-Delay -j MARK --set-mark 0x1
simple.qos:ipt -t mangle -A POSTROUTING -o $DEV -m mark --mark 0x00 -g
QOS_MARK_${IFACE}
simple.qos:ipt -t mangle -A POSTROUTING -o $IFACE -m mark --mark 0x00
-g QOS_MARK_${IFACE}
simple.qos:# ipt -t mangle -A PREROUTING -i s+ -p tcp -m tcp
--tcp-flags SYN,RST,ACK SYN -j MARK --set-mark 0x01
simple.qos:ipt -t mangle -A PREROUTING -i vtun+ -p tcp -j MARK
--set-mark 0x2 # tcp tunnels need ordering
simple.qos:# ipv6 support. Note that the handle indicates the fw mark
bucket that is looked for

stop.sh:        ipt -t mangle -D POSTROUTING -o $DEV -m mark --mark
0x00 -g QOS_MARK_${IFACE}
stop.sh:        ipt -t mangle -D POSTROUTING -o $IFACE -m mark --mark
0x00 -g QOS_MARK_${IFACE}
stop.sh:        ipt -t mangle -D PREROUTING -i vtun+ -p tcp -j MARK
--set-mark 0x2

-- 
Dave Täht

NSFW: https://w2.eff.org/Censorship/Internet_censorship_bills/russell_0296_indecent.article