diff options
author | Felix Fietkau <nbd@openwrt.org> | 2016-01-19 23:56:34 +0000 |
---|---|---|
committer | Felix Fietkau <nbd@openwrt.org> | 2016-01-19 23:56:34 +0000 |
commit | 5cafb9240efb1211c7a289f2d86c56b64a1e638a (patch) | |
tree | 4055b35f3aa5f88b174063506a6760d29a214c8c /package/network/config/qos-scripts | |
parent | 54dad4c873c131311662cf00133a9f750fe91255 (diff) | |
download | upstream-5cafb9240efb1211c7a289f2d86c56b64a1e638a.tar.gz upstream-5cafb9240efb1211c7a289f2d86c56b64a1e638a.tar.bz2 upstream-5cafb9240efb1211c7a289f2d86c56b64a1e638a.zip |
qos-scripts: Fix classification of ingress traffic
Set the save-mark mask for the qos_${cg} chain to 0xff instead of
0xf0. With the old value, the nibble that was saved would be
masked during the restore, preventing ingress traffic from being
classified. Thanks to nbd for recommending the fix.
Signed-off-by: Michael Marley <michael@michaelmarley.com>
SVN-Revision: 48388
Diffstat (limited to 'package/network/config/qos-scripts')
-rwxr-xr-x | package/network/config/qos-scripts/files/usr/lib/qos/generate.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh b/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh index 8d22b675c4..caa1125795 100755 --- a/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh +++ b/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh @@ -427,7 +427,7 @@ ${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg}_ct -j CONNMARK --save iptables -t mangle -A qos_${cg} -j CONNMARK --restore-mark --mask 0x0f iptables -t mangle -A qos_${cg} -m mark --mark 0/0x0f -j qos_${cg}_ct $pktrules -${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg} -j CONNMARK --save-mark --mask 0xf0} +${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg} -j CONNMARK --save-mark --mask 0xff} $up$N${down:+${down}$N} EOF unset INSMOD |