[4/6] QoS: Drop support for hardcoded ACK rules
Commit Message
This feature has to go in order to take advantage of CONNMARK which will
drastically decrease CPU load when passing packets.
We no longer will see every packet in the QOS-INC chain in order to
change classification of that packet. It is also party counter-intuitive
to have parts of one connection in one class and the corresponding ACK
packets in another.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
config/qos/makeqosscripts.pl | 27 ---------------------------
html/cgi-bin/qos.cgi | 22 ++--------------------
2 files changed, 2 insertions(+), 47 deletions(-)
@@ -72,7 +72,6 @@ $qossettings{'DEF_OUT_SPD'} = '';
$qossettings{'DEF_INC_SPD'} = '';
$qossettings{'DEFCLASS_INC'} = '';
$qossettings{'DEFCLASS_OUT'} = '';
-$qossettings{'ACK'} = '';
$qossettings{'RED_DEV'} = `cat /var/ipfire/red/iface`;
$qossettings{'IMQ_DEV'} = 'imq0';
$qossettings{'TOS'} = '';
@@ -80,7 +79,6 @@ $qossettings{'VALID'} = 'yes';
&General::readhash("${General::swroot}/qos/settings", \%qossettings);
-my $ACK_MARK = ($qossettings{'ACK'} << $QOS_OUT_SHIFT) . "/$QOS_OUT_MASK";
my $DEF_OUT_MARK = ($qossettings{'DEFCLASS_OUT'} << $QOS_OUT_SHIFT) . "/$QOS_OUT_MASK";
my $DEF_INC_MARK = ($qossettings{'DEFCLASS_INC'} << $QOS_INC_SHIFT) . "/$QOS_INC_MASK";
@@ -224,31 +222,6 @@ print <<END
### Don't change mark on traffic for the ipsec tunnel
iptables -t mangle -A QOS-OUT -m mark --mark 50 -j RETURN
- ### MARK ACKs
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags SYN,RST SYN -j MARK --set-xmark $ACK_MARK
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags SYN,RST SYN -j RETURN
-
- iptables -t mangle -A QOS-OUT -p icmp -m length --length 40:100 -j MARK --set-xmark $ACK_MARK
- iptables -t mangle -A QOS-OUT -p icmp -m length --length 40:100 -j RETURN
-
- iptables -t mangle -A QOS-OUT -p tcp --syn -m length --length 40:68 -j MARK --set-xmark $ACK_MARK
- iptables -t mangle -A QOS-OUT -p tcp --syn -m length --length 40:68 -j RETURN
-
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j MARK --set-xmark $ACK_MARK
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j RETURN
-
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j MARK --set-xmark $ACK_MARK
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j RETURN
-
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL RST -j MARK --set-xmark $ACK_MARK
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL RST -j RETURN
-
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,RST -j MARK --set-xmark $ACK_MARK
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,RST -j RETURN
-
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,FIN -j MARK --set-xmark $ACK_MARK
- iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,FIN -j RETURN
-
### SET TOS
END
;
@@ -68,7 +68,6 @@ $qossettings{'DEF_OUT_SPD'} = '';
$qossettings{'DEF_INC_SPD'} = '';
$qossettings{'DEFCLASS_INC'} = '';
$qossettings{'DEFCLASS_OUT'} = '';
-$qossettings{'ACK'} = '';
$qossettings{'RED_DEV'} = 'ppp0';
$qossettings{'IMQ_DEV'} = 'imq0';
$qossettings{'VALID'} = 'yes';
@@ -518,7 +517,6 @@ END
}
$qossettings{'DEFCLASS_INC'} = "210";
$qossettings{'DEFCLASS_OUT'} = "110";
- $qossettings{'ACK'} ="101";
$qossettings{'ENABLED'} = 'on';
&General::writehash("${General::swroot}/qos/settings", \%qossettings);
&General::system("/usr/local/bin/qosctrl", "generate");
@@ -660,7 +658,7 @@ END
END
;
}
- if (($qossettings{'DEFCLASS_OUT'} ne '') && ($qossettings{'DEFCLASS_INC'} ne '')&& ($qossettings{'ACK'} ne '')) {
+ if (($qossettings{'DEFCLASS_OUT'} ne '') && ($qossettings{'DEFCLASS_INC'} ne '')) {
print <<END
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<table width='66%'>
@@ -668,7 +666,6 @@ END
<tr><td width='50%' align='right'>$Lang::tr{'downlink std class'}: <td width='30%' align='left'>$qossettings{'DEFCLASS_INC'}
<td width='20%' rowspan='3' align='center' valign='middle'><input type='submit' name='ACTIONDEF' value='$Lang::tr{'modify'}' />
<tr><td width='50%' align='right'>$Lang::tr{'uplink std class'}: <td width='30%' align='left'>$qossettings{'DEFCLASS_OUT'}
- <tr><td width='50%' align='right'>ACKs: <td width='30%' align='left'>$qossettings{'ACK'}
<tr><td colspan='3' width='100%'><hr />
<tr><td colspan='3' width='100%' align='center'>
</table>
@@ -692,7 +689,7 @@ if ( ($qossettings{'OUT_SPD'} eq '') || ($qossettings{'INC_SPD'} eq '') ) {
exit
}
-if ( ($qossettings{'DEFCLASS_INC'} eq '') || ($qossettings{'DEFCLASS_OUT'} eq '') || ($qossettings{'ACK'} eq '') ) {
+if ( ($qossettings{'DEFCLASS_INC'} eq '') || ($qossettings{'DEFCLASS_OUT'} eq '') ) {
&changedefclasses();
&Header::closebigbox();
&Header::closepage();
@@ -742,21 +739,6 @@ END
else { print "<option selected value='$c'>$c</option>\n"; }
}
print <<END
- </select><td width='33%' align='center'>
- </table>
- <hr />
- <table width='66%'>
- <tr><td width='100%' colspan='3'>$Lang::tr{'enter ack class'}
- <tr><td width='33%' align='right'>ACKs:<td width='33%' align='left'><select name='ACK'>
-END
-;
- for ( $c = 100 ; $c <= 120 ; $c++ )
- {
- if ( $qossettings{'ACK'} ne $c )
- { print "<option value='$c'>$c</option>\n"; }
- else { print "<option selected value='$c'>$c</option>\n"; }
- }
- print <<END
</select><td width='33%' align='center'><input type='submit' name='ACTION' value="$Lang::tr{'save'}" />
</table>
</form>