Modify

Opened 3 years ago

Last modified 3 years ago

#17945 new defect

qos-scripts creates duplicate rule lines in chain qos_Default_ct

Reported by: anonymous Owned by: developers
Priority: normal Milestone: Chaos Calmer 15.05
Component: packages Version: Trunk
Keywords: qos-scripts Cc:

Description

qos-scripts - 1.2.1-6

It seems that the qos-scripts created chain qos_Default_ct contains duplicate lines:

root@OpenWrt:/etc/config# iptables-save |fgrep qos

...
-A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 53 -m comment --comment dns -j MARK --set-xmark 0x11/0xff
-A qos_Default_ct -p udp -m mark --mark 0x0/0xf -m udp -m multiport --ports 53 -m comment --comment dns -j MARK --set-xmark 0x11/0xff
-A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 22 -m comment --comment ssh -j MARK --set-xmark 0x22/0xff
-A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 21,25,80,110,143,443,465,587,993,995 -m comment --comment "ftp, smtp, http(s), imap" -j MARK --set-xmark 0x33/0xff
-A qos_Default_ct -p udp -m mark --mark 0x0/0xf -m udp -m multiport --ports 1194,500,4500 -j MARK --set-xmark 0x33/0xff
-A qos_Default_ct -j CONNMARK --save-mark --nfmask 0xff --ctmask 0xff
-A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 53 -m comment --comment dns -j MARK --set-xmark 0x11/0xff
-A qos_Default_ct -p udp -m mark --mark 0x0/0xf -m udp -m multiport --ports 53 -m comment --comment dns -j MARK --set-xmark 0x11/0xff
-A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 22 -m comment --comment ssh -j MARK --set-xmark 0x22/0xff
-A qos_Default_ct -p tcp -m mark --mark 0x0/0xf -m tcp -m multiport --ports 21,25,80,110,143,443,465,587,993,995 -m comment --comment "ftp, smtp, http(s), imap" -j MARK --set-xmark 0x33/0xff
-A qos_Default_ct -p udp -m mark --mark 0x0/0xf -m udp -m multiport --ports 1194,500,4500 -j MARK --set-xmark 0x33/0xff

Attachments (0)

Change History (1)

comment:1 in reply to: ↑ description Changed 3 years ago by anonymous

I have the same problem in qos-scripts 1.2.1-7.
I was able to fix it by changing line 430 of \usr\lib\qos\generate.sh:
Old:
${iptrules:+${iptrules}${N}iptables -t mangle -A qos_${cg} -j CONNMARK --save-mark --mask 0xf0}
New:
iptables -t mangle -A qos_${cg} -j CONNMARK --save-mark --mask 0xf0

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.