This feature has to go in order to take advantage of CONNMARK which will drastically decrease CPU load when passing packets.
We no longer will see every packet in the QOS-INC chain in order to change classification of that packet. It is also party counter-intuitive to have parts of one connection in one class and the corresponding ACK packets in another.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org --- config/qos/makeqosscripts.pl | 27 --------------------------- html/cgi-bin/qos.cgi | 22 ++-------------------- 2 files changed, 2 insertions(+), 47 deletions(-)
diff --git a/config/qos/makeqosscripts.pl b/config/qos/makeqosscripts.pl index 5bdd5b811..230dc3265 100644 --- a/config/qos/makeqosscripts.pl +++ b/config/qos/makeqosscripts.pl @@ -72,7 +72,6 @@ $qossettings{'DEF_OUT_SPD'} = ''; $qossettings{'DEF_INC_SPD'} = ''; $qossettings{'DEFCLASS_INC'} = ''; $qossettings{'DEFCLASS_OUT'} = ''; -$qossettings{'ACK'} = ''; $qossettings{'RED_DEV'} = `cat /var/ipfire/red/iface`; $qossettings{'IMQ_DEV'} = 'imq0'; $qossettings{'TOS'} = ''; @@ -80,7 +79,6 @@ $qossettings{'VALID'} = 'yes';
&General::readhash("${General::swroot}/qos/settings", %qossettings);
-my $ACK_MARK = ($qossettings{'ACK'} << $QOS_OUT_SHIFT) . "/$QOS_OUT_MASK"; my $DEF_OUT_MARK = ($qossettings{'DEFCLASS_OUT'} << $QOS_OUT_SHIFT) . "/$QOS_OUT_MASK"; my $DEF_INC_MARK = ($qossettings{'DEFCLASS_INC'} << $QOS_INC_SHIFT) . "/$QOS_INC_MASK";
@@ -224,31 +222,6 @@ print <<END ### Don't change mark on traffic for the ipsec tunnel iptables -t mangle -A QOS-OUT -m mark --mark 50 -j RETURN
- ### MARK ACKs - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags SYN,RST SYN -j MARK --set-xmark $ACK_MARK - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags SYN,RST SYN -j RETURN - - iptables -t mangle -A QOS-OUT -p icmp -m length --length 40:100 -j MARK --set-xmark $ACK_MARK - iptables -t mangle -A QOS-OUT -p icmp -m length --length 40:100 -j RETURN - - iptables -t mangle -A QOS-OUT -p tcp --syn -m length --length 40:68 -j MARK --set-xmark $ACK_MARK - iptables -t mangle -A QOS-OUT -p tcp --syn -m length --length 40:68 -j RETURN - - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j MARK --set-xmark $ACK_MARK - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j RETURN - - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j MARK --set-xmark $ACK_MARK - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j RETURN - - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL RST -j MARK --set-xmark $ACK_MARK - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL RST -j RETURN - - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,RST -j MARK --set-xmark $ACK_MARK - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,RST -j RETURN - - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,FIN -j MARK --set-xmark $ACK_MARK - iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,FIN -j RETURN - ### SET TOS END ; diff --git a/html/cgi-bin/qos.cgi b/html/cgi-bin/qos.cgi index ab427879e..c2ff4a08d 100644 --- a/html/cgi-bin/qos.cgi +++ b/html/cgi-bin/qos.cgi @@ -68,7 +68,6 @@ $qossettings{'DEF_OUT_SPD'} = ''; $qossettings{'DEF_INC_SPD'} = ''; $qossettings{'DEFCLASS_INC'} = ''; $qossettings{'DEFCLASS_OUT'} = ''; -$qossettings{'ACK'} = ''; $qossettings{'RED_DEV'} = 'ppp0'; $qossettings{'IMQ_DEV'} = 'imq0'; $qossettings{'VALID'} = 'yes'; @@ -518,7 +517,6 @@ END } $qossettings{'DEFCLASS_INC'} = "210"; $qossettings{'DEFCLASS_OUT'} = "110"; - $qossettings{'ACK'} ="101"; $qossettings{'ENABLED'} = 'on'; &General::writehash("${General::swroot}/qos/settings", %qossettings); &General::system("/usr/local/bin/qosctrl", "generate"); @@ -660,7 +658,7 @@ END END ; } - if (($qossettings{'DEFCLASS_OUT'} ne '') && ($qossettings{'DEFCLASS_INC'} ne '')&& ($qossettings{'ACK'} ne '')) { + if (($qossettings{'DEFCLASS_OUT'} ne '') && ($qossettings{'DEFCLASS_INC'} ne '')) { print <<END <form method='post' action='$ENV{'SCRIPT_NAME'}'> <table width='66%'> @@ -668,7 +666,6 @@ END <tr><td width='50%' align='right'>$Lang::tr{'downlink std class'}: <td width='30%' align='left'>$qossettings{'DEFCLASS_INC'} <td width='20%' rowspan='3' align='center' valign='middle'><input type='submit' name='ACTIONDEF' value='$Lang::tr{'modify'}' /> <tr><td width='50%' align='right'>$Lang::tr{'uplink std class'}: <td width='30%' align='left'>$qossettings{'DEFCLASS_OUT'} - <tr><td width='50%' align='right'>ACKs: <td width='30%' align='left'>$qossettings{'ACK'} <tr><td colspan='3' width='100%'><hr /> <tr><td colspan='3' width='100%' align='center'> </table> @@ -692,7 +689,7 @@ if ( ($qossettings{'OUT_SPD'} eq '') || ($qossettings{'INC_SPD'} eq '') ) { exit }
-if ( ($qossettings{'DEFCLASS_INC'} eq '') || ($qossettings{'DEFCLASS_OUT'} eq '') || ($qossettings{'ACK'} eq '') ) { +if ( ($qossettings{'DEFCLASS_INC'} eq '') || ($qossettings{'DEFCLASS_OUT'} eq '') ) { &changedefclasses(); &Header::closebigbox(); &Header::closepage(); @@ -742,21 +739,6 @@ END else { print "<option selected value='$c'>$c</option>\n"; } } print <<END - </select><td width='33%' align='center'> - </table> - <hr /> - <table width='66%'> - <tr><td width='100%' colspan='3'>$Lang::tr{'enter ack class'} - <tr><td width='33%' align='right'>ACKs:<td width='33%' align='left'><select name='ACK'> -END -; - for ( $c = 100 ; $c <= 120 ; $c++ ) - { - if ( $qossettings{'ACK'} ne $c ) - { print "<option value='$c'>$c</option>\n"; } - else { print "<option selected value='$c'>$c</option>\n"; } - } - print <<END </select><td width='33%' align='center'><input type='submit' name='ACTION' value="$Lang::tr{'save'}" /> </table> </form>