[OpenWrt-Devel] [PATCH] qos-scripts: Fix classification of ingress traffic

Michael Marley michael at michaelmarley.com
Tue Jan 19 18:40:50 EST 2016

Set the save-mark mask for the qos_${cg} chain to 0xff instead of
0xf0.  With the old value, the nibble that was saved would be
masked during the restore, preventing ingress traffic from being
classified.  Thanks to nbd for recommending the fix.

Signed-off-by: Michael Marley <michael at michaelmarley.com>
 package/network/config/qos-scripts/files/usr/lib/qos/generate.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh b/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh
index 8d22b67..caa1125 100755
--- a/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh
+++ b/package/network/config/qos-scripts/files/usr/lib/qos/generate.sh
@@ -427,7 +427,7 @@ ${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg}_ct -j CONNMARK --save
 iptables -t mangle -A qos_${cg} -j CONNMARK --restore-mark --mask 0x0f
 iptables -t mangle -A qos_${cg} -m mark --mark 0/0x0f -j qos_${cg}_ct
-${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg} -j CONNMARK --save-mark --mask 0xf0}
+${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg} -j CONNMARK --save-mark --mask 0xff}
 	unset INSMOD
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list