How do I add more l7 protocols?

[blindbox]

I added it to the /etc/l7-protocols folder and nothing comes out of the QoS.

Do I have to restart the router for it to add itself, or is there something else I should do?

[pbix]

The bad news is that you cannot do this at the moment.

The good news is that I have completed a design to allow you to do exactly that. If you are interested in testing it in advance of the next release let me know and I will post some files for you.

[blindbox]

Wow, sure. I kinda have the affinity for beta software. Especially for one as good as this.

I'm currently on D-Link DIR-300, Gargoyle 1.2.4 (atheros).

[pbix]

Sorry for the delay on this but I had to travel this past week.

The promised design for user l7-protocol support is attached. If you want to try it out you need to unzip the attached and replace the files on your router with the files of the same names in the attached.

You will notice that I added several new patterns in etc/l7-protocol.

To add your own patterns copy your pattern file to etc/l7-protocol and then edit the etc/l7-protocol/l7index file appropriately.

I hope to get this into the next Gargoyle release.

Any feedback on your experience with this positive or negative would be appreciated.

This approach will work on Gargoyle version 1.2.3 or later. You are on your own if you try it on an earlier version.

[blindbox]

I can indeed see it working, now if I recall someone told me l7 protocols are a bad idea for QoS.. not sure if I can test it properly, but I will anyway.

EDIT: Oh boy, it broke the whole QoS. I didn't have QoS enabled before applying this. It is normal before editing the l7-index file. It gets borked after I edit the l7-index file.



This screenshot explains.

[pbix]

Looking at your screen shot it seems possible that you did not update all the files I sent you. Please double check that all are in the correct position.

If that checks out then rename your /etc/config/qos_gargole.conf to something else. This will erase your previous qos configuration. Perhaps there is a problem there.

I will check back later today to see how you are doing.

[blindbox]

QoS is perfectly normal and working as long as I don't disturb the l7-index file. After I disturb it (which I added two lines, according to the given pattern), it gets borked. When I remove the two lines again, it becomes ok.

I'm pretty sure I copied them correctly. I used WinSCP for this, and even replaced twice.

Reboot doesn't help.


Gonna try deleting the config file.

Anyway, another bug I noticed is that the texts are not greyed out in both the service class add and the rule add. THis too, happens after messing with the l7-index file. Also happens after deleting the config file. Currently re-editing my QoS to its former shape to see what happens.

EDIT: Okay, I can't even add any service classes. Things happen, in a bad manner, after editing the l7-index file I guess

[pbix]

In addition to adding lines to the l7index file you have to add the new .pat file(s) in the same directory. If you have done this already then maybe something is wrong with your pattern files.

run '/etc/init.d/qos_gargoyle restart'. You may see an error message there about your .pat file(s). Where did you get them?

[blindbox]

Code: Select all

root@OpenWrt:~# /etc/init.d/qos_gargoyle restart
l7 used = "ssl ssl"
tc class add dev ppp0 parent 1:0 classid 1:1 hfsc ls rate 1000Mbit ul rate 280kbit
tc class add dev ppp0 parent 1:1 classid 1:2 hfsc ls m2 400Mbit
tc qdisc add dev ppp0 parent 1:2 red limit 35000 min 2333 max 7000 avpkt 1000 burst 3 probability 0.1 bandwidth 280
tc filter add dev ppp0 parent 1:0 prio 2 protocol ip handle 0x2 fw flowid 1:2
tc class add dev ppp0 parent 1:1 classid 1:3 hfsc ls m2 300Mbit
tc qdisc add dev ppp0 parent 1:3 red limit 35000 min 2333 max 7000 avpkt 1000 burst 3 probability 0.1 bandwidth 280
tc filter add dev ppp0 parent 1:0 prio 3 protocol ip handle 0x3 fw flowid 1:3
tc class add dev ppp0 parent 1:1 classid 1:4 hfsc ls m2 200Mbit
tc qdisc add dev ppp0 parent 1:4 red limit 35000 min 2333 max 7000 avpkt 1000 burst 3 probability 0.1 bandwidth 280
tc filter add dev ppp0 parent 1:0 prio 4 protocol ip handle 0x4 fw flowid 1:4
tc class add dev ppp0 parent 1:1 classid 1:5 hfsc ls m2 100Mbit
tc qdisc add dev ppp0 parent 1:5 red limit 35000 min 2333 max 7000 avpkt 1000 burst 3 probability 0.1 bandwidth 280
tc filter add dev ppp0 parent 1:0 prio 5 protocol ip handle 0x5 fw flowid 1:5
tc qdisc change dev ppp0 root handle 1:0 hfsc default 4
iptables -t mangle -I qos_egress -p tcp  -s 192.168.1.2 --sport 51920 -j MARK --set-mark 0x5
iptables -t mangle -I qos_egress -p udp  -s 192.168.1.2 --sport 51920 -j MARK --set-mark 0x5
iptables -t mangle -I qos_egress -p tcp  --dport 80 -j MARK --set-mark 0x2
iptables -t mangle -I qos_egress -p udp  --dport 80 -j MARK --set-mark 0x2
iptables -t mangle -I qos_egress -p tcp  --dport 443 -j MARK --set-mark 0x2
iptables -t mangle -I qos_egress -p udp  --dport 443 -j MARK --set-mark 0x2
iptables -t mangle -I qos_egress   -s 192.168.1.2 -j MARK --set-mark 0x2
iptables -t mangle -I qos_egress   -s 192.168.1.4 -j MARK --set-mark 0x2
iptables -t mangle -I qos_egress -p udp  -m length --length 0:250 -j MARK --set-mark 0x3
iptables -t mangle -I qos_egress   -m connmark --mark 0x10000/0xFF0000  -j MARK --set-mark 0x3
tc class add dev imq0 parent 1:0 classid 1:1 hfsc ls rate 1000Mbit ul rate 1200kbit
tc class add dev imq0 parent 1:1 classid 1:2 hfsc ls m2 400Mbit  rt m1 160kbit d 20ms m2 80kbit
tc qdisc add dev imq0 parent 1:2 red limit 150000 min 10000 max 30000 avpkt 1000 burst 16 probability 0.1 bandwidth 1200
tc filter add dev imq0 parent 1:0 prio 2 protocol ip handle 0x200 fw flowid 1:2
tc class add dev imq0 parent 1:1 classid 1:3 hfsc ls m2 300Mbit
tc qdisc add dev imq0 parent 1:3 red limit 150000 min 10000 max 30000 avpkt 1000 burst 16 probability 0.1 bandwidth 1200
tc filter add dev imq0 parent 1:0 prio 3 protocol ip handle 0x300 fw flowid 1:3
tc class add dev imq0 parent 1:1 classid 1:4 hfsc ls m2 200Mbit
tc qdisc add dev imq0 parent 1:4 red limit 150000 min 10000 max 30000 avpkt 1000 burst 16 probability 0.1 bandwidth 1200
tc filter add dev imq0 parent 1:0 prio 4 protocol ip handle 0x400 fw flowid 1:4
tc class add dev imq0 parent 1:1 classid 1:5 hfsc ls m2 100Mbit
tc qdisc add dev imq0 parent 1:5 red limit 150000 min 10000 max 30000 avpkt 1000 burst 16 probability 0.1 bandwidth 1200
tc filter add dev imq0 parent 1:0 prio 5 protocol ip handle 0x500 fw flowid 1:5
tc qdisc change dev imq0 root handle 1:0 hfsc default 4
iptables -t mangle -I qos_ingress -p tcp  -d 192.168.1.2 --dport 51920 -j MARK --set-mark 0x500
iptables -t mangle -I qos_ingress -p udp  -d 192.168.1.2 --dport 51920 -j MARK --set-mark 0x500
iptables -t mangle -I qos_ingress -p tcp  --sport 80 -j MARK --set-mark 0x200
iptables -t mangle -I qos_ingress -p udp  --sport 80 -j MARK --set-mark 0x200
iptables -t mangle -I qos_ingress -p tcp  --sport 443 -j MARK --set-mark 0x200
iptables -t mangle -I qos_ingress -p udp  --sport 443 -j MARK --set-mark 0x200
iptables -t mangle -I qos_ingress   -d 192.168.1.4 -j MARK --set-mark 0x200
iptables -t mangle -I qos_ingress   -d 192.168.1.2 -j MARK --set-mark 0x200
iptables -t mangle -I qos_ingress -p udp  -m length --length 0:250 -j MARK --set-mark 0x300
iptables -t mangle -I qos_ingress   -m connmark --mark 0x10000/0xFF0000  -j MARK --set-mark 0x300
root@OpenWrt:~#

I did this after I've set the l7-index. Same thing in the screenshot. I don't see any .pat errors (I do have them inside the l7-protocols).

I got those l7 protocols from here.
http://l7-filter.sourceforge.net/protocols

[pbix]

I agree that the file you posted looks OK.

Lets check for a syntactical error in your l7index file.

Please attach it to your response, do not embed it in your response, attach it as a separate file.