extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-02-17 02:00:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Optional priority on hfsc classes

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-09-12 13:39:54 -07:00
parent e9b0e2f912
commit 75953a87cb
5 changed files with 139 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -1057,6 +1057,16 @@ my %validredoptions = ( min => RED_INTEGER,
ecn => RED_NONE,
);
sub validate_filter_priority( $$ ) {
my ( $priority, $kind ) = @_;
my $pri = numeric_value( $priority );
fatal_error "Invalid $kind priority ($priority)" unless defined $pri && $pri > 0 && $pri <= 65535;
$pri;
}
sub validate_tc_class( ) {
my ( $devclass, $mark, $rate, $ceil, $prio, $options ) =
split_line 'tcclasses file', { interface => 0, mark => 1, rate => 2, ceil => 3, prio => 4, options => 5 };
@ -1110,10 +1120,12 @@ sub validate_tc_class( ) {
my $tcref = $tcclasses{$device};
if ( $devref->{qdisc} eq 'htb' ) {
fatal_error "Invalid PRIO ($prio)" unless defined numeric_value $prio;
}
my $markval = 0;
my $markprio = ( $prio << 8 ) | 0x20;
my $markprio;
if ( $mark ne '-' ) {
fatal_error "MARK may not be specified when TC_BITS=0" unless $config{TC_BITS};
@ -1121,8 +1133,10 @@ sub validate_tc_class( ) {
( $mark, my $priority ) = split/:/, $mark, 2;
if ( supplied $priority ) {
$markprio = numeric_value $priority;
fatal_error "Invalid mark priority ($priority)" unless defined $markprio && $markprio > 0;
$markprio = validate_filter_priority( $priority, 'mark' );
} else {
fatal_error "Missing mark priority" if $prio eq '-';
$markprio = ( $prio << 8 ) | 20;
}
$markval = numeric_value( $mark );
@ -1199,7 +1213,7 @@ sub validate_tc_class( ) {
dmax => $dmax ,
ceiling => $ceil = ( supplied $ceil ? convert_rate( $ceilmax, $ceil, 'CEIL' , $ceilname ) : 0 ),
lsceil => $lsceil = ( $lsceil ? convert_rate( $ceilmax, $lsceil, 'LSCEIL', $ceilname ) : 0 ),
priority => $prio eq '-' ? 1 : $prio ,
priority => $prio ,
mark => $markval ,
markprio => $markprio ,
flow => '' ,
@ -1222,20 +1236,20 @@ sub validate_tc_class( ) {
my $priority;
my $optval;
( $option, my $prio ) = split /:/, $option, 2;
( $option, my $pri ) = split /:/, $option, 2;
if ( $option =~ /^tos=(.+)/ || ( $optval = $tosoptions{$option} ) ) {
if ( supplied $prio ) {
$priority = numeric_value $prio;
fatal_error "Invalid tos priority ($prio)" unless defined $priority && $priority > 0;
if ( supplied $pri ) {
$priority = validate_filter_priority( $pri, 'mark' );
} else {
$priority = ( $tcref->{priority} << 8 ) | 0x10;
fatal_error "Missing TOS priority" if $prio eq '-';
$priority = ( $prio << 8 ) | 10;
}
$option = "tos=$optval" if $optval;
} elsif ( supplied $prio ) {
$option = join ':', $option, $prio;
} elsif ( supplied $pri ) {
$option = join ':', $option, $pri;
}
if ( $option eq 'default' ) {
@ -1245,11 +1259,10 @@ sub validate_tc_class( ) {
} elsif ( $option =~ /tcp-ack(:(\d+|0x[0-0a-fA-F]))?$/ ) {
fatal_error "The $option option is not valid with 'occurs" if $tcref->{occurs} > 1;
if ( $1 ) {
my $priority = numeric_value $2;
fatal_error "Invalid tcp-ack priority ($prio)" unless defined $priority && $priority > 0;
$tcref->{tcp_ack} = $priority;
$tcref->{tcp_ack} = validate_filter_priority( $2, 'tcp-ack' );
} else {
$tcref->{tcp_ack} = ( $tcref->{priority} << 8 ) | 0x10;
fatal_error "Missing tcp-ack priority" if $prio eq '-';
$tcref->{tcp_ack} = ( $prio << 8 ) | 10;
}
} elsif ( $option =~ /^tos=0x[0-9a-f]{2}$/ ) {
fatal_error "The $option option is not valid with 'occurs" if $tcref->{occurs} > 1;
@ -1397,10 +1410,7 @@ sub process_tc_filter() {
my ( $ip, $ip32, $prio , $lo ) = $family == F_IPV4 ? ('ip', 'ip', 10, 2 ) : ('ipv6', 'ip6', 11 , 4 );
if ( $priority ne '-' ) {
$prio = numeric_value $priority;
fatal_error "Invalid priority ($priority)" unless defined $prio && $prio > 0;
}
$prio = validate_filter_priority( $priority, 'filter' ) unless $priority eq '-';
my $devref;
@ -1936,7 +1946,6 @@ sub process_traffic_shaping() {
$classids{$classid}=$devname;
my $priority = $tcref->{priority} << 8;
my $parent = in_hexp $tcref->{parent};
emit ( "[ \$${dev}_mtu -gt $quantum ] && quantum=\$${dev}_mtu || quantum=$quantum" );
@ -2002,7 +2011,7 @@ sub process_traffic_shaping() {
#
# options
#
emit( "run_tc filter add dev $device parent $devicenumber:0 protocol ip prio " . ( $priority | 0x10 ) . ' u32' .
emit( "run_tc filter add dev $device parent $devicenumber:0 protocol ip prio $tcref->{tcp_ack} u32" .
"\\\n match ip protocol 6 0xff" .
"\\\n match u8 0x05 0x0f at 0" .
"\\\n match u16 0x0000 0xffc0 at 2" .

52
Shorewall/manpages/shorewall-tcclasses.xml
View File

@ -232,17 +232,32 @@
<emphasis>priority</emphasis></term>
<listitem>
<para>For HTB:</para>
<blockquote>
<para>The <emphasis>priority</emphasis> in which classes will be
serviced by the packet shaping scheduler and also the priority in
which bandwidth in excess of the rate will be given to each
class.</para>
<para>Higher priority classes will experience less delay since they
are serviced first. Priority values are serviced in ascending order
(e.g. 0 is higher priority than 1).</para>
<para>Higher priority classes will experience less delay since
they are serviced first. Priority values are serviced in ascending
order (e.g. 0 is higher priority than 1).</para>
<para>Classes may be set to the same priority, in which case they
will be serviced as equals.</para>
</blockquote>
<para>For both HTB and HFSC, the <emphasis>priority</emphasis> is
used to calculate the priority of Shorewall-generated classification
filters that refer to the class. The rules for classes with lower
numeric priorities will appear before those with higher numeric
priorities.</para>
<para>Beginning with Shorewall 4.5.8, the PRIORITY may be omitted,
providing that a priority is specified in the MARK column and with
the <emphasis role="bold">tcp-ack</emphasis> and <emphasis
role="bold">tos</emphasis> options.</para>
</listitem>
</varlistentry>
@ -275,7 +290,7 @@
<varlistentry>
<term><emphasis
role="bold">tos=0x</emphasis><emphasis>value</emphasis>[/0x<emphasis>mask</emphasis>]
role="bold">tos=0x</emphasis><emphasis>value</emphasis>[/0x<emphasis>mask</emphasis>][:<replaceable>priority</replaceable>]
(mask defaults to 0xff)</term>
<listitem>
@ -283,12 +298,20 @@
<emphasis>value</emphasis>/<emphasis>mask</emphasis>
combination of the IP packet's TOS/Precedence/DiffSrv octet
(aka the TOS byte).</para>
<para>Beginning with Shorewall 4.5.8, the
<replaceable>value/mask</replaceable> may be followed by a
colon (":") and a <replaceable>priority</replaceable>. This
priority determines the order in which filter rules are
processed during packet classification. If not specified, the
value (<replaceable>class priority</replaceable> &lt;&lt; 8) |
10) is used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis
role="bold">tos-</emphasis><emphasis>tosname</emphasis></term>
role="bold">tos-</emphasis><emphasis>tosname</emphasis>[:<replaceable>priority</replaceable>]</term>
<listitem>
<para>Aliases for the following TOS octet value and mask
@ -296,6 +319,14 @@
deprecated in favor of diffserve classes, but programs like
ssh, rlogin, and ftp still use them. </para>
<para>Beginning with Shorewall 4.5.8, the
<replaceable>tos-name</replaceable> may be followed by a colon
(":") and a <replaceable>priority</replaceable>. This priority
determines the order in which filter rules are processed
during packet classification. If not specified, the value
(<replaceable>class priority</replaceable> &lt;&lt; 8) | 10)
is used.</para>
<programlisting> <emphasis role="bold">tos-minimize-delay</emphasis> 0x10/0x10
<emphasis role="bold">tos-maximize-throughput</emphasis> 0x08/0x08
<emphasis role="bold">tos-maximize-reliability</emphasis> 0x04/0x04
@ -310,7 +341,8 @@
</varlistentry>
<varlistentry>
<term><emphasis role="bold">tcp-ack</emphasis></term>
<term><emphasis
role="bold">tcp-ack[:<replaceable>priority</replaceable>]</emphasis></term>
<listitem>
<para>If defined, causes a tc filter to be created that puts
@ -320,7 +352,13 @@
limited to 64 bytes because we want only packets WITHOUT
payload to match.</para>
<para/>
<para>Beginning with Shorewall 4.5.8, the <emphasis
role="bold">tcp-ack</emphasis> may be followed by a colon
(":") and a <replaceable>priority</replaceable>. This priority
determines the order in which filter rules are processed
during packet classification. If not specified, the value
(<replaceable>class priority</replaceable> &lt;&lt; 8) | 20)
is used.</para>
<note>
<para>This option is only valid for ONE class per

4
Shorewall/manpages/shorewall-tcfilters.xml
View File

@ -206,7 +206,7 @@
<itemizedlist>
<listitem>
<para>Classify by packet mark - ( <replaceable>class
priority</replaceable> &lt;&lt; 8 ) LOR 32.</para>
priority</replaceable> &lt;&lt; 8 ) | 20.</para>
</listitem>
<listitem>
@ -219,7 +219,7 @@
<listitem>
<para>Complex TC ACK packets - ( <replaceable>class
priority</replaceable> &lt;&lt; 8 ) LOR 16.</para>
priority</replaceable> &lt;&lt; 8 ) | 10.</para>
</listitem>
<listitem>

53
Shorewall6/manpages/shorewall6-tcclasses.xml
View File

@ -229,17 +229,33 @@
<emphasis>priority</emphasis></term>
<listitem>
<para>For HTB:</para>
<blockquote>
<para>The <emphasis>priority</emphasis> in which classes will be
serviced by the packet shaping scheduler and also the priority in
which bandwidth in excess of the rate will be given to each
class.</para>
<para>Higher priority classes will experience less delay since they
are serviced first. Priority values are serviced in ascending order
(e.g. 0 is higher priority than 1).</para>
<para>Higher priority classes will experience less delay since
they are serviced first. Priority values are serviced in ascending
order (e.g. 0 is higher priority than 1).</para>
<para>Classes may be set to the same priority, in which case they
will be serviced as equals.</para>
</blockquote>
<para>For both HTB and HFSC, the <emphasis>priority</emphasis> is
used to calculate the priority of Shorewall-generated classification
filters that refer to the class. The rules for classes with lower
numeric priorities will appear before those with higher numeric
priorities.</para>
<para>Beginning with Shorewall 4.5.8, the PRIORITY may be omitted,
providing that a <replaceable>priority</replaceable> is specified in
the MARK column and with the <emphasis
role="bold">tcp-ack</emphasis> and <emphasis
role="bold">tos</emphasis> options.</para>
</listitem>
</varlistentry>
@ -270,7 +286,7 @@
<varlistentry>
<term><emphasis
role="bold">tos=0x</emphasis><emphasis>value</emphasis>[/0x<emphasis>mask</emphasis>]
role="bold">tos=0x</emphasis><emphasis>value</emphasis>[/0x<emphasis>mask</emphasis>][:<replaceable>priority</replaceable>]
(mask defaults to 0xff)</term>
<listitem>
@ -278,12 +294,20 @@
<emphasis>value</emphasis>/<emphasis>mask</emphasis>
combination of the IP packet's TOS/Precedence/DiffSrv octet
(aka the TOS byte).</para>
<para>Beginning with Shorewall 4.5.8, the
<replaceable>value/mask</replaceable> may be followed by a
colon (":") and a <replaceable>priority</replaceable>. This
priority determines the order in which filter rules are
processed during packet classification. If not specified, the
value (<replaceable>class priority</replaceable> &lt;&lt; 8) |
10) is used.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis
role="bold">tos-</emphasis><emphasis>tosname</emphasis></term>
role="bold">tos-</emphasis><emphasis>tosname</emphasis>[:<replaceable>priority</replaceable>]</term>
<listitem>
<para>Aliases for the following TOS octet value and mask
@ -297,6 +321,14 @@
<emphasis role="bold">tos-minimize-cost</emphasis> 0x02/0x02
<emphasis role="bold">tos-normal-service</emphasis> 0x00/0x1e</programlisting>
<para>Beginning with Shorewall 4.5.8, the
<replaceable>tos-name</replaceable> may be followed by a colon
(":") and a <replaceable>priority</replaceable>. This priority
determines the order in which filter rules are processed
during packet classification. If not specified, the value
(<replaceable>class priority</replaceable> &lt;&lt; 8) | 10)
is used.</para>
<note>
<para>Each of these options is only valid for ONE class per
interface.</para>
@ -305,7 +337,8 @@
</varlistentry>
<varlistentry>
<term><emphasis role="bold">tcp-ack</emphasis></term>
<term><emphasis
role="bold">tcp-ack</emphasis>[:<replaceable>priority</replaceable>]</term>
<listitem>
<para>If defined, causes a tc filter to be created that puts
@ -315,7 +348,13 @@
limited to 64 bytes because we want only packets WITHOUT
payload to match.</para>
<para/>
<para>Beginning with Shorewall 4.5.8, the <emphasis
role="bold">tcp-ack</emphasis> may be followed by a colon
(":") and a <replaceable>priority</replaceable>. This priority
determines the order in which filter rules are processed
during packet classification. If not specified, the value
(<replaceable>class priority</replaceable> &lt;&lt; 8) | 20)
is used.</para>
<note>
<para>This option is only valid for ONE class per

4
Shorewall6/manpages/shorewall6-tcfilters.xml
View File

@ -201,7 +201,7 @@
<itemizedlist>
<listitem>
<para>Classify by packet mark - ( <replaceable>class
priority</replaceable> &lt;&lt; 8 ) LOR 32.</para>
priority</replaceable> &lt;&lt; 8 ) | 20.</para>
</listitem>
<listitem>
@ -214,7 +214,7 @@
<listitem>
<para>Complex TC ACK packets - ( <replaceable>class
priority</replaceable> &lt;&lt; 8 ) LOR 16.</para>
priority</replaceable> &lt;&lt; 8 ) | 20.</para>
</listitem>
<listitem>