Setup ip6tables rules for qos settings if ip6tables is present and there is qos enabled in some interface (default config also contains wan6 interface).
Signed-off-by Ilkka Ollakka <[email protected]> -- Ilkka Ollakka Also, the Scots are said to have invented golf. Then they had to invent Scotch whiskey to take away the pain and frustration.
Index: generate.sh
===================================================================
--- generate.sh (revision 36111)
+++ generate.sh (working copy)
@@ -1,5 +1,6 @@
#!/bin/sh
[ -e /lib/functions.sh ] && . /lib/functions.sh || . ./functions.sh
+[ -e /lib/functions/network.sh ] && . /lib/functions/network.sh
[ -x /sbin/modprobe ] && {
insmod="modprobe"
rmmod="$insmod -r"
@@ -395,18 +396,25 @@
local iptrules
local pktrules
local sizerules
+ local gateway_available
enum_classes "$cg"
- add_rules iptrules "$ctrules" "iptables -t mangle -A qos_${cg}_ct"
+ for command in $iptables; do
+ add_rules iptrules "$ctrules" "$command -t mangle -A qos_${cg}_ct"
+ done
config_get classes "$cg" classes
for class in $classes; do
config_get mark "$class" classnr
config_get maxsize "$class" maxsize
[ -z "$maxsize" -o -z "$mark" ] || {
- add_insmod ipt_length
- append pktrules "iptables -t mangle -A qos_${cg} -m mark --mark $mark/0xff -m length --length $maxsize: -j MARK --set-mark 0/0xff" "$N"
+ add_insmod ipt_length
+ for command in $iptables; do
+ append pktrules "$command -t mangle -A qos_${cg} -m mark --mark $mark/0xff -m length --length $maxsize: -j MARK --set-mark 0/0xff" "$N"
+ done
}
done
- add_rules pktrules "$rules" "iptables -t mangle -A qos_${cg}"
+ for command in $iptables; do
+ add_rules pktrules "$rules" "$command -t mangle -A qos_${cg}"
+ done
for iface in $INTERFACES; do
config_get classgroup "$iface" classgroup
config_get device "$iface" device
@@ -415,16 +423,38 @@
config_get download "$iface" download
config_get halfduplex "$iface" halfduplex
download="${download:-${halfduplex:+$upload}}"
- append up "iptables -t mangle -A OUTPUT -o $device -j qos_${cg}" "$N"
- append up "iptables -t mangle -A FORWARD -o $device -j qos_${cg}" "$N"
+ network_get_gateway6 gateway_available "$iface"
+ if [ "$gateway_available" != "" -a -x /usr/sbin/ip6tables ]; then
+ append up "ip6tables -t mangle -A OUTPUT -o $device -j qos_${cg}" "$N"
+ append up "ip6tables -t mangle -A FORWARD -o $device -j qos_${cg}" "$N"
+ fi
+ network_get_gateway gateway_available "$iface"
+ if [ "$gateway_available" != "" ]; then
+ append up "iptables -t mangle -A OUTPUT -o $device -j qos_${cg}" "$N"
+ append up "iptables -t mangle -A FORWARD -o $device -j qos_${cg}" "$N"
+ fi
done
cat <<EOF
$INSMOD
-iptables -t mangle -N qos_${cg} >&- 2>&-
-iptables -t mangle -N qos_${cg}_ct >&- 2>&-
-${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg}_ct -j CONNMARK --save-mark --mask 0xff}
-iptables -t mangle -A qos_${cg} -j CONNMARK --restore-mark --mask 0xff
-iptables -t mangle -A qos_${cg} -m mark --mark 0/0xff -j qos_${cg}_ct
+EOF
+
+for command in $iptables; do
+ cat <<EOF
+ $command -t mangle -N qos_${cg}
+ $command -t mangle -N qos_${cg}_ct
+EOF
+done
+cat <<EOF
+ ${iptrules:+${iptrules}${N}}
+EOF
+for command in $iptables; do
+ cat <<EOF
+ $command -t mangle -A qos_${cg}_ct -j CONNMARK --save-mark --mask 0xff
+ $command -t mangle -A qos_${cg} -j CONNMARK --restore-mark --mask 0xff
+ $command -t mangle -A qos_${cg} -m mark --mark 0/0xff -j qos_${cg}_ct
+EOF
+done
+cat <<EOF
$pktrules
$up$N${down:+${down}$N}
EOF
@@ -445,20 +475,22 @@
# remove rules referring to them, then delete them
# Print rules in the mangle table, like iptables-save
- iptables -t mangle -S |
- # Find rules for the qos_* chains
- grep '^-N qos_\|-j qos_' |
- # Exclude rules in qos_* chains (inter-qos_* refs)
- grep -v '^-A qos_' |
- # Replace -N with -X and hold, with -F and print
- # Replace -A with -D
- # Print held lines at the end (note leading newline)
- sed -e '/^-N/{s/^-N/-X/;H;s/^-X/-F/}' \
- -e 's/^-A/-D/' \
- -e '${p;g}' |
- # Make into proper iptables calls
- # Note: awkward in previous call due to hold space usage
- sed -n -e 's/^./iptables -t mangle &/p'
+ for command in $iptables; do
+ $command -t mangle -S |
+ # Find rules for the qos_* chains
+ grep '^-N qos_\|-j qos_' |
+ # Exclude rules in qos_* chains (inter-qos_* refs)
+ grep -v '^-A qos_' |
+ # Replace -N with -X and hold, with -F and print
+ # Replace -A with -D
+ # Print held lines at the end (note leading newline)
+ sed -e '/^-N/{s/^-N/-X/;H;s/^-X/-F/}' \
+ -e 's/^-A/-D/' \
+ -e '${p;g}' |
+ # Make into proper iptables calls
+ # Note: awkward in previous call due to hold space usage
+ sed -n -e "s/^./${command} -t mangle &/p"
+ done
}
C="0"
@@ -473,6 +505,12 @@
export C="$(($C + 1))"
done
+[ -x /usr/sbin/ip6tables ] && {
+ iptables="ip6tables iptables"
+} || {
+ iptables="iptables"
+}
+
case "$1" in
all)
start_interfaces "$C"
signature.asc
Description: Digital signature
_______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
