From eadad9a3633ca31e889eb2a1c7ca4f58d60a7d09 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Tue, 25 Mar 2008 15:45:26 +0000
Subject: [PATCH] Fix priority mingling in tc filters

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-common/changelog.txt    |  2 ++
 Shorewall-common/releasenotes.txt | 10 ++++++++++
 Shorewall-perl/Shorewall/Tc.pm    |  4 ++--
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/Shorewall-common/changelog.txt b/Shorewall-common/changelog.txt
index bbc03405e..168bbe395 100644
--- a/Shorewall-common/changelog.txt
+++ b/Shorewall-common/changelog.txt
@@ -12,6 +12,8 @@ Changes in 4.1.7
 
 6)  Add MANGLE_ENABLED option.
 
+7)  Fix priority mingling in tc filters.
+
 Changes in 4.1.6
 
 1)  Deprecate IMPLICIT_CONTINUE=Yes
diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt
index 69eb7e1f1..716d584f9 100644
--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@@ -79,6 +79,16 @@ Problems corrected in Shorewall-perl 4.1.7.
 2)  Trailing columns containing '-' would outwit Shorewall-perl's
     detection of 'too few columns' errors.
 
+3) 'shorewall start' could fail with an error similar to the following:
+
+   RTNETLINK answers: Invalid argument
+   We have an error talking to the kernel
+      ERROR: Command "tc filter add dev bond0.207 parent 1:0 protocol ip
+      pref 10 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16
+      0x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid 1:11" Failed
+   /sbin/shorewall: line 723:   755 Terminated
+   $SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
+
 New Features in 4.1.7.
 
 1)  If an interface fails when using balanced multi-ISP routing, the
diff --git a/Shorewall-perl/Shorewall/Tc.pm b/Shorewall-perl/Shorewall/Tc.pm
index 6954f561a..72e8027a5 100644
--- a/Shorewall-perl/Shorewall/Tc.pm
+++ b/Shorewall-perl/Shorewall/Tc.pm
@@ -787,11 +787,11 @@ sub setup_traffic_shaping() {
 	#
 	# add filters
 	#
-	emit "run_tc filter add dev $device protocol ip parent $devicenumber:0 pref 10 handle $mark fw classid $classid" unless $devref->{classify};
+	emit "run_tc filter add dev $device protocol ip parent $devicenumber:0 prio 1 handle $mark fw classid $classid" unless $devref->{classify};
 	#
 	#options
 	#
-	emit "run_tc filter add dev $device parent $devref->{number}:0 protocol ip pref 10 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid $classid" if $tcref->{tcp_ack};
+	emit "run_tc filter add dev $device parent $devref->{number}:0 protocol ip prio 10 u32 match ip protocol 6 0xff match u8 0x05 0x0f at 0 match u16 0x0000 0xffc0 at 2 match u8 0x10 0xff at 33 flowid $classid" if $tcref->{tcp_ack};
 
 	for my $tospair ( @{$tcref->{tos}} ) {
 	    my ( $tos, $mask ) = split q(/), $tospair;