From 6263eba4c1f20a0adcee2bbde2ace895fe5f0f63 Mon Sep 17 00:00:00 2001 From: acinonyx Date: Sun, 2 May 2010 20:24:44 +0000 Subject: [PATCH] [packages] dsl-qos-queue: Change port names to numeric values (#7266) git-svn-id: svn://svn.openwrt.org/openwrt/packages@21315 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- net/dsl-qos-queue/patches/010-ports_fix.patch | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 net/dsl-qos-queue/patches/010-ports_fix.patch diff --git a/net/dsl-qos-queue/patches/010-ports_fix.patch b/net/dsl-qos-queue/patches/010-ports_fix.patch new file mode 100644 index 000000000..4280a1136 --- /dev/null +++ b/net/dsl-qos-queue/patches/010-ports_fix.patch @@ -0,0 +1,22 @@ +--- a/ipt_rules ++++ b/ipt_rules +@@ -26,14 +26,14 @@ iptables -t mangle -A MYSHAPER-OUT -p tc + iptables -t mangle -A MYSHAPER-OUT -p icmp -j MARK --set-mark 20 # ICMP (ping) - high prio, impress friends + iptables -t mangle -A MYSHAPER-OUT -p udp --dport 123 -j MARK --set-mark 20 # NTP should be low-lag + iptables -t mangle -A MYSHAPER-OUT -p udp --dport 53 -j MARK --set-mark 21 # DNS name resolution (small packets) +-iptables -t mangle -A MYSHAPER-OUT -p tcp --dport ssh -j MARK --set-mark 22 # secure shell +-iptables -t mangle -A MYSHAPER-OUT -p tcp --sport ssh -j MARK --set-mark 22 # secure shell +-iptables -t mangle -A MYSHAPER-OUT -p tcp --dport telnet -j MARK --set-mark 22 # telnet (ew...) +-iptables -t mangle -A MYSHAPER-OUT -p tcp --sport telnet -j MARK --set-mark 22 # telnet (ew...) ++iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 22 -j MARK --set-mark 22 # secure shell ++iptables -t mangle -A MYSHAPER-OUT -p tcp --sport 22 -j MARK --set-mark 22 # secure shell ++iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 23 -j MARK --set-mark 22 # telnet (ew...) ++iptables -t mangle -A MYSHAPER-OUT -p tcp --sport 23 -j MARK --set-mark 22 # telnet (ew...) + iptables -t mangle -A MYSHAPER-OUT -p ipv6-crypt -j MARK --set-mark 24 # IPSec - we dont know what the payload is though... + iptables -t mangle -A MYSHAPER-OUT -p udp --dport 10000 -j MARK --set-mark 24 # IPSec (udp tunnel) - we dont know what the payload is though... + +-iptables -t mangle -A MYSHAPER-OUT -p tcp --sport http -j MARK --set-mark 25 # Local web server ++iptables -t mangle -A MYSHAPER-OUT -p tcp --sport 80 -j MARK --set-mark 25 # Local web server + iptables -t mangle -A MYSHAPER-OUT -p tcp -m length --length :64 -j MARK --set-mark 21 # small packets (probably just ACKs) + iptables -t mangle -A MYSHAPER-OUT -p tcp --sport 3389 -j MARK --set-mark 23 # windows remote computer connection + iptables -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 26 # redundant- mark any unmarked packets as 26 (low pri