Modify

Opened 6 years ago

Closed 6 years ago

#10315 closed defect (fixed)

Backfire qos-backport error: iptables v1.4.6: Couldn't load target `Default'

Reported by: hnyman Owned by: developers
Priority: normal Milestone: Backfire 10.03.1
Component: base system Version: Backfire 10.03.1 RC5
Keywords: firewall qos iptables Cc: hannu.nyman@…

Description

I compiled a new Backfire version, and noticed that I get this error twice at reboot, at the end (or after) firewall start:

iptables v1.4.6: Couldn't load target `Default':File not found

This is caused to the recent qos-namespace change r28670.

Oct 30 10:57:28 OpenWrt user.info sysinit: Loading redirects
Oct 30 10:57:29 OpenWrt user.info sysinit: Loading rules
Oct 30 10:57:29 OpenWrt user.info sysinit: Loading includes
Oct 30 10:57:29 OpenWrt user.info sysinit: Loading interfaces
Oct 30 10:57:29 OpenWrt user.info firewall: adding lan (br-lan) to zone lan
Oct 30 10:57:30 OpenWrt user.info firewall: adding wan (eth1) to zone wan
Oct 30 10:57:31 OpenWrt user.info firewall: adding sixxs (6in4-sixxs) to zone wan
Oct 30 10:57:31 OpenWrt authpriv.info dropbear[2096]: Running in background
Oct 30 10:57:32 OpenWrt user.info sysinit: iptables v1.4.6: Couldn't load target `Default':File not found
Oct 30 10:57:32 OpenWrt user.info sysinit: Try `iptables -h' or 'iptables --help' for more information.
Oct 30 10:57:32 OpenWrt user.info sysinit: iptables v1.4.6: Couldn't load target `Default':File not found
Oct 30 10:57:32 OpenWrt user.info sysinit: Try `iptables -h' or 'iptables --help' for more information.

When checking the source of generate.sh of qos-scripts, lines 407 and 411 relating to download limit rules deviate from the other mangle-lines, as they do not have the "qos_" prefix in the name of the target ${cg} .
https://dev.openwrt.org/browser/branches/backfire/package/qos-scripts/files/usr/lib/qos/generate.sh#L404

append up "iptables -t mangle -A OUTPUT -o $device -j qos_${cg}" "$N"
append up "iptables -t mangle -A FORWARD -o $device -j qos_${cg}" "$N"
[ -z "$download" ] || {
    append down "iptables -t mangle -A POSTROUTING -o $device -j ${cg}" "$N"
    [ -z "$halfduplex" ] || {
        append down "iptables -t mangle -A POSTROUTING -o $device -j IMQ --todev $imqdev" "$N"
    }
    append down "iptables -t mangle -A PREROUTING -i $device -j ${cg}" "$N"
    append down "iptables -t mangle -A PREROUTING -i $device -j IMQ --todev $imqdev" "$N"
}

I do have the download limit set in qos config, so I would assume that I would have lines both in PREROUTING and POSTROUTING chains. But there is none. Iptables output:

root@OpenWrt:/etc/config# iptables -L -v -t mangle
Chain PREROUTING (policy ACCEPT 1066K packets, 997M bytes)
 pkts bytes target     prot opt in     out     source               destination
 586K  674M IMQ        all  --  eth1   any     anywhere             anywhere            IMQ: todev 0
 585K  674M IMQ        all  --  eth1   any     anywhere             anywhere            IMQ: todev 0

Chain INPUT (policy ACCEPT 5874 packets, 636K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 1060K packets, 996M bytes)
 pkts bytes target     prot opt in     out     source               destination
1061K  996M zone_wan_MSSFIX  all  --  any    any     anywhere             anywhere
 481K  323M qos_Default  all  --  any    eth1    anywhere             anywhere

Chain OUTPUT (policy ACCEPT 8467 packets, 8428K bytes)
 pkts bytes target     prot opt in     out     source               destination
 7672 7910K qos_Default  all  --  any    eth1    anywhere             anywhere

Chain POSTROUTING (policy ACCEPT 1069K packets, 1004M bytes)
 pkts bytes target     prot opt in     out     source               destination

The trunk version of the scripts does not have the corresponding lines at all, so this looks like a backport error.

I manually patched the /usr/lib/qos/generate.sh in the live system to have the qos_ prefix on those two lines and rebooted. No errors, and the expected rules in mangle table:

root@OpenWrt:~# iptables -L -v -t mangle
Chain PREROUTING (policy ACCEPT 4162 packets, 663K bytes)
 pkts bytes target     prot opt in     out     source               destination
 2106  338K qos_Default  all  --  eth1   any     anywhere             anywhere
 2106  338K IMQ        all  --  eth1   any     anywhere             anywhere            IMQ: todev 0

Chain INPUT (policy ACCEPT 522 packets, 63650 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 3591 packets, 592K bytes)
 pkts bytes target     prot opt in     out     source               destination
 3591  592K zone_wan_MSSFIX  all  --  any    any     anywhere             anywhere
 1766  291K qos_Default  all  --  any    eth1    anywhere             anywhere

Chain OUTPUT (policy ACCEPT 474 packets, 187K bytes)
 pkts bytes target     prot opt in     out     source               destination
  226 30984 qos_Default  all  --  any    eth1    anywhere             anywhere

Chain POSTROUTING (policy ACCEPT 4049 packets, 779K bytes)
 pkts bytes target     prot opt in     out     source               destination
 1974  321K qos_Default  all  --  any    eth1    anywhere             anywhere

Attachments (0)

Change History (2)

comment:1 Changed 6 years ago by hnyman

patch:

Index: /Openwrt/backfire/package/qos-scripts/files/usr/lib/qos/generate.sh
===================================================================
--- /Openwrt/backfire/package/qos-scripts/files/usr/lib/qos/generate.sh	(revision 28677)
+++ /Openwrt/backfire/package/qos-scripts/files/usr/lib/qos/generate.sh	(working copy)
@@ -404,11 +404,11 @@
 		append up "iptables -t mangle -A OUTPUT -o $device -j qos_${cg}" "$N"
 		append up "iptables -t mangle -A FORWARD -o $device -j qos_${cg}" "$N"
 		[ -z "$download" ] || {
-			append down "iptables -t mangle -A POSTROUTING -o $device -j ${cg}" "$N"
+			append down "iptables -t mangle -A POSTROUTING -o $device -j qos_${cg}" "$N"
 			[ -z "$halfduplex" ] || {
 				append down "iptables -t mangle -A POSTROUTING -o $device -j IMQ --todev $imqdev" "$N"
 			}
-			append down "iptables -t mangle -A PREROUTING -i $device -j ${cg}" "$N"
+			append down "iptables -t mangle -A PREROUTING -i $device -j qos_${cg}" "$N"
 			append down "iptables -t mangle -A PREROUTING -i $device -j IMQ --todev $imqdev" "$N"
 		}
 	done

comment:2 Changed 6 years ago by jow

  • Resolution set to fixed
  • Status changed from new to closed

Committed in r28679 - thanks!

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.