|
|
|
@ -53,8 +53,8 @@ parse_matching_rule() { |
|
|
|
|
done |
|
|
|
|
config_get type "$section" TYPE |
|
|
|
|
case "$type" in |
|
|
|
|
classify) unset pkt; append "$var" "-m mark --mark 0";; |
|
|
|
|
default) pkt=1; append "$var" "-m mark --mark 0";; |
|
|
|
|
classify) unset pkt; append "$var" "-m mark --mark 0/0xff";; |
|
|
|
|
default) pkt=1; append "$var" "-m mark --mark 0/0xff";; |
|
|
|
|
reclassify) pkt=1;; |
|
|
|
|
esac |
|
|
|
|
append "$var" "${proto:+-p $proto}" |
|
|
|
@ -161,8 +161,8 @@ parse_matching_rule() { |
|
|
|
|
config_get class "${value##!}" classnr |
|
|
|
|
[ -z "$class" ] && continue; |
|
|
|
|
case "$value" in |
|
|
|
|
!*) append "$var" "-m mark ! --mark $class";; |
|
|
|
|
*) append "$var" "-m mark --mark $class";; |
|
|
|
|
!*) append "$var" "-m mark ! --mark $class/0xff";; |
|
|
|
|
*) append "$var" "-m mark --mark $class/0xff";; |
|
|
|
|
esac |
|
|
|
|
;; |
|
|
|
|
1:TOS) |
|
|
|
@ -386,7 +386,7 @@ add_rules() { |
|
|
|
|
unset iptrule |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
parse_matching_rule iptrule "$rule" "$options" "$prefix" "-j MARK --set-mark $target" |
|
|
|
|
parse_matching_rule iptrule "$rule" "$options" "$prefix" "-j MARK --set-mark $target/0xff" |
|
|
|
|
append "$var" "$iptrule" "$N" |
|
|
|
|
done |
|
|
|
|
} |
|
|
|
@ -404,7 +404,7 @@ start_cg() { |
|
|
|
|
config_get maxsize "$class" maxsize |
|
|
|
|
[ -z "$maxsize" -o -z "$mark" ] || { |
|
|
|
|
add_insmod ipt_length |
|
|
|
|
append pktrules "iptables -t mangle -A qos_${cg} -m mark --mark $mark -m length --length $maxsize: -j MARK --set-mark 0" "$N" |
|
|
|
|
append pktrules "iptables -t mangle -A qos_${cg} -m mark --mark $mark/0xff -m length --length $maxsize: -j MARK --set-mark 0/0xff" "$N" |
|
|
|
|
} |
|
|
|
|
done |
|
|
|
|
add_rules pktrules "$rules" "iptables -t mangle -A qos_${cg}" |
|
|
|
@ -423,9 +423,9 @@ start_cg() { |
|
|
|
|
$INSMOD |
|
|
|
|
iptables -t mangle -N qos_${cg} >&- 2>&- |
|
|
|
|
iptables -t mangle -N qos_${cg}_ct >&- 2>&- |
|
|
|
|
${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg}_ct -j CONNMARK --save-mark} |
|
|
|
|
iptables -t mangle -A qos_${cg} -j CONNMARK --restore-mark |
|
|
|
|
iptables -t mangle -A qos_${cg} -m mark --mark 0 -j qos_${cg}_ct |
|
|
|
|
${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg}_ct -j CONNMARK --save-mark --mask 0xff} |
|
|
|
|
iptables -t mangle -A qos_${cg} -j CONNMARK --restore-mark --mask 0xff |
|
|
|
|
iptables -t mangle -A qos_${cg} -m mark --mark 0/0xff -j qos_${cg}_ct |
|
|
|
|
$pktrules |
|
|
|
|
$up$N${down:+${down}$N} |
|
|
|
|
EOF |
|
|
|
|