Please, note I sent a PR request in @ldir's GitHub to extend the syntax a little bit to allow for the negation of ports, support for an option counter
and use of auto-merge
option.
I saw your PR but it looks like there hasn’t been much activity on the project lately. I should have looked a bit closer because today I also added an issue on @yelreve‘s github to add a counter option.
Thanks man. Already did a custom build a few hours ago and it’s now up and running.
very good news thanks for all work
i try to make twitch cs3 but dones't work any
meta nfproto ipv4 tcp sport 1935 counter packets 0 bytes 0 goto ct_set_cs3 comment "twitch1"
config rule
option name 'twitch1'
option proto 'tcp'
list src_port '1935'
option class 'cs3'
list dst_ip '192.168.2.160'
he appair cs4
142.250.75.236 192.168.2.160 TCP CS4 1935 54183 1935 → 54183 [ACK] Seq=1 Ack=30202 Win=1723 Len=0 TSval=1053809678 TSecr=1325450932
for my consoles i has just add like this ...
config global 'global'
option class_bulk 'le'
option class_high_throughput 'af13'
option client_hints '1'
option threaded_client_min_bytes '10000'
option threaded_service_min_bytes '1000000'
option wmm '1'
config rule
option name 'Consoles ps5'
option proto 'udp'
list src_ip '192.168.2.160'
list dest_port '!80'
list dest_port '!443'
option class 'cs4'
option family 'ipv4'
option counter '1'
Turn off wmm and then restart the service and try again…
thanks so much he work very well i will play tonight a little bit and keep informed to my game
i love OpenWrt for this
@amteza
I’m trying the counter option of your pull request now and it seems like the counters don’t increase. It seems like only the first few packets of a flow count:
Is this because of ctinfo or do you have a clue why this happens?? I played 3 matches of cod. Packets land in the right tin (voice) and also are marked right when I do a packet capture (cs5).
Mon Jan 2 19:43:00 2023 daemon.notice procd: /etc/rc.d/S20dscpclassify: define wan = { }
Mon Jan 2 19:43:00 2023 daemon.notice procd: /etc/rc.d/S20dscpclassify: ^^^^
Mon Jan 2 19:43:00 2023 daemon.notice procd: /etc/rc.d/S20dscpclassify: In file included from /etc/dscpclassify.d/main.nft:4:1-44:
Mon Jan 2 19:43:00 2023 daemon.notice procd: /etc/rc.d/S20dscpclassify: /tmp/etc/dscpclassify-pre.include:2:14-17: Error: Set is empty
Mon Jan 2 19:43:00 2023 daemon.notice procd: /etc/rc.d/S20dscpclassify: define wan = { }
Mon Jan 2 19:43:00 2023 daemon.notice procd: /etc/rc.d/S20dscpclassify: ^^^^
Mon Jan 2 19:43:00 2023 daemon.notice procd: /etc/rc.d/S20dscpclassify: In file included from /etc/dscpclassify.d/main.nft:4:1-44:
Mon Jan 2 19:43:00 2023 daemon.notice procd: /etc/rc.d/S20dscpclassify: /tmp/etc/dscpclassify-pre.include:1:14-17: Error: Set is empty
Mon Jan 2 19:43:00 2023 daemon.notice procd: /etc/rc.d/S20dscpclassify: define lan = { }
Mon Jan 2 19:43:00 2023 daemon.notice procd: /etc/rc.d/S20dscpclassify: ^^^^
do you has this erro too ?
i'm not sûre of my error, maybe a systèm log of past
after two hours
my game was amazing i had two three errors but the game has bugs sometimes
the hitmarkers is good
just a last question
I have this part checked is it important or not to check it? thanks or it has no impact
I see that someone shared my config with you.
Yes, that's correct, only counts flows. You won't see the counter increasing for every packet. You'll see packets to create the conntrack flow. Then, of course, individual packets will land on the right cake tins.
This is incorrect, mate, and I reckon if you are writing here a local IP and you have a list src_port
clause, it means you should be using list scr_ip
too.
BTW, the syntax is list dest_ip
, so even that is incorrect. And, check your static rules with nft list chain inet dscpclassify static_classify
, and see if they are being created, it looks like your log errors are due to a syntax error.
hi everybody, ok thanks amteza i will change et keep informés
Tue Jan 3 11:05:56 2023 daemon.notice dscpclassify: service stopped
Tue Jan 3 11:05:56 2023 daemon.notice dscpclassify: service started
Tue Jan 3 11:06:22 2023 user.notice SQM: SQM stopped on wan
Tue Jan 3 11:06:22 2023 user.notice SQM: Started SQM script: layer_cake_ct.qos on wan, in: 400000 Kbps, out: 200000 Kbps
Tue Jan 3 11:06:23 2023 user.notice SQM : layer_cake_ct.qos has been successfully run on wan
are you sure I'm wrong @amteza for the ip destination
I think the error was that I had a vlan for the ps5 and also that I had separated in sqm the wan and the lan
I realized that it was necessary to put in the download the wan for ifb ...
edit i came veirfied just now
root@OpenWrt1er-router:~# nft list chain inet dscpclassify static_classify
table inet dscpclassify {
chain static_classify {
ip saddr 192.168.2.160 udp dport != { 80, 443 } counter packets 6 bytes 423 goto ct_set_cs4 comment "Consoles ps5"
ip saddr 192.168.2.160 tcp dport 1935 counter packets 0 bytes 0 goto ct_set_cs3 comment "twitch1"
ip dscp != { cs0, cs6, cs7 } iifname != { "wan" } (@nh,8,8 & 0xfc) >> 2 vmap @dscp_ct
ip6 dscp != { cs0, cs6, cs7 } iifname != { "wan" } (@nh,0,16 & 0xfc0) >> 6 vmap @dscp_ct
meta l4proto != { tcp, udp } goto ct_set_cs0
ct mark set ct mark & 0xffffff80 | 0x00000080
}
}
root@OpenWrt1er-router:~#
its seems like its working fine right now, i run a torrent dl and a twitch stream and i was playing csgo at the same time and the ping was stable even with this slow adsl line that i have...
root@OpenWrt:~# tc -s qdisc
qdisc noqueue 0: dev lo root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc fq_codel 0: dev eth0 root refcnt 2 limit 10240p flows 1024 quantum 1514 target 5ms interval 100ms memory_limit 4Mb ecn drop_batch 64
Sent 9947925017 bytes 12004930 pkt (dropped 0, overlimits 0 requeues 7756)
backlog 0b 0p requeues 7756
maxpacket 1514 drop_overlimit 0 new_flow_count 6395 ecn_mark 0
new_flows_len 0 old_flows_len 0
qdisc noqueue 0: dev br-lan root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc noqueue 0: dev eth0.1 root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc cake 801d: dev eth0.2 root refcnt 2 bandwidth 700Kbit diffserv8 dual-srchost nat nowash ack-filter split-gso rtt 100ms atm overhead 32
Sent 18287841 bytes 142719 pkt (dropped 61535, overlimits 305127 requeues 0)
backlog 8238b 81p requeues 0
memory used: 980Kb of 4Mb
capacity estimate: 700Kbit
min/max network layer size: 28 / 1492
min/max overhead-adjusted size: 106 / 1696
average network hdr offset: 14
Tin 0 Tin 1 Tin 2 Tin 3 Tin 4 Tin 5 Tin 6 Tin 7
thresh 700Kbit 612496bit 535928bit 468936bit 410312bit 359016bit 314136bit 274864bit
target 26ms 29.7ms 34ms 38.8ms 44.4ms 50.7ms 58ms 66.3ms
interval 121ms 125ms 129ms 134ms 139ms 146ms 153ms 161ms
pk_delay 274ms 0us 25.6ms 0us 0us 0us 9.43ms 2.93ms
av_delay 83ms 0us 3.79ms 0us 0us 0us 1.91ms 94us
sp_delay 14.3ms 0us 502us 0us 0us 0us 350us 90us
backlog 8096b 0b 88b 0b 0b 0b 0b 0b
pkts 12139 0 145016 0 0 0 47158 22
bytes 1269328 0 13113877 0 0 0 9238861 924
way_inds 486 0 124 0 0 0 0 0
way_miss 127 0 1357 0 0 0 117 1
way_cols 0 0 0 0 0 0 0 0
drops 5497 0 950 0 0 0 0 0
marks 0 0 13 0 0 0 0 0
ack_drop 0 0 55088 0 0 0 0 0
sp_flows 16 0 13 0 0 0 2 1
bk_flows 12 0 0 0 0 0 0 0
un_flows 0 0 0 0 0 0 0 0
max_len 1506 0 7788 0 0 0 586 42
quantum 300 300 300 300 300 300 300 300
qdisc ingress ffff: dev eth0.2 parent ffff:fff1 ----------------
Sent 276072510 bytes 240548 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc noqueue 0: dev wlan0 root refcnt 2
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc cake 801e: dev ifb4eth0.2 root refcnt 2 bandwidth 12Mbit diffserv8 dual-dsthost nat nowash ingress no-ack-filter split-gso rtt 100ms atm overhead 32
Sent 264388063 bytes 230380 pkt (dropped 10134, overlimits 387333 requeues 0)
backlog 46606b 34p requeues 0
memory used: 378560b of 4Mb
capacity estimate: 12Mbit
min/max network layer size: 46 / 1500
min/max overhead-adjusted size: 106 / 1696
average network hdr offset: 14
Tin 0 Tin 1 Tin 2 Tin 3 Tin 4 Tin 5 Tin 6 Tin 7
thresh 12Mbit 10500Kbit 9187Kbit 8039Kbit 7034Kbit 6154Kbit 5385Kbit 4712Kbit
target 5ms 5ms 5ms 5ms 5ms 5ms 5ms 5ms
interval 100ms 100ms 100ms 100ms 100ms 100ms 100ms 100ms
pk_delay 101ms 4.8ms 27ms 0us 0us 0us 1.21ms 1.33ms
av_delay 27.8ms 234us 5.07ms 0us 0us 0us 497us 127us
sp_delay 5.36ms 108us 1.1ms 0us 0us 0us 80us 83us
backlog 22728b 0b 23878b 0b 0b 0b 0b 0b
pkts 12562 57 174340 0 0 0 53490 99
bytes 8903321 5634 254770473 0 0 0 15758228 14046
way_inds 11 0 6 0 0 0 0 0
way_miss 170 16 796 0 0 0 116 7
way_cols 0 0 0 0 0 0 0 0
drops 446 0 9688 0 0 0 0 0
marks 0 0 1 0 0 0 0 0
ack_drop 0 0 0 0 0 0 0 0
sp_flows 6 1 4 0 0 0 1 1
bk_flows 7 0 5 0 0 0 0 0
un_flows 0 0 0 0 0 0 0 0
max_len 1514 185 3016 0 0 0 1242 174
quantum 366 320 300 300 300 300 300 300
root@OpenWrt:~#
why you use diffserv8 ?
can you share like say amteza
nft list chain inet dscpclassify static_classify
thanks
and share config dscpclassify is simply for the moment
config global 'global'
option class_bulk 'le'
option class_high_throughput 'af13'
option client_hints '1'
option threaded_client_min_bytes '10000'
option threaded_service_min_bytes '1000000'
option wmm '0'
config rule
option name 'Consoles ps5'
option proto 'udp'
list src_ip '192.168.2.160'
list dest_port '!80'
list dest_port '!443'
option class 'cs4'
option family 'ipv4'
option counter '1'
config rule
option name 'twitch1'
option proto 'tcp'
list dest_port '1935'
option class 'cs3'
list src_ip '192.168.2.160'
option family 'ipv4'
option counter '1'
in not sure why but diffserv4 never worked for me maybe because the voice tin gives me little upload bandwith for my game which causes my ping to spike
i might give it a shot again and see how it goes but now im fine with diffserv8 since it works
yes I see you have a standard adsl that is bound to disappear in the next few years ...
nft list chain inet dscpclassify static_classify
table inet dscpclassify {
chain static_classify {
meta l4proto { tcp, udp } th dport { 53, 853, 5353 } goto ct_set_cs5 comment "DNS"
udp dport { 67, 68 } goto ct_set_cs5 comment "BOOTP/DHCP"
udp dport 123 goto ct_set_cs0 comment "NTP"
tcp dport 22 goto ct_set_cs2 comment "SSH"
ip saddr 192.168.2.244 udp sport 27000-27500 goto ct_set_ef comment "CSGO"
udp dport 3478-3481 udp sport 50020-50039 goto ct_set_af41 comment "Teams video"
ip dscp != { cs0, cs6, cs7 } iifname != { "eth0.2" } (@nh,8,8 & 0xfc) >> 2 vmap @dscp_ct
ip6 dscp != { cs0, cs6, cs7 } iifname != { "eth0.2" } (@nh,0,16 & 0xfc0) >> 6 vmap @dscp_ct
meta l4proto != { tcp, udp } goto ct_set_cs0
ct mark set ct mark & 0xffffff80 | 0x00000080
}
}
my config
config global 'global'
option class_bulk 'le'
option class_high_throughput 'af13'
option client_hints '1'
option threaded_client_min_bytes '10000'
option threaded_service_min_bytes '1000000'
option wmm '0'
config rule
option name 'DNS'
list proto 'tcp'
list proto 'udp'
list dest_port '53'
list dest_port '853'
list dest_port '5353'
option class 'cs5'
config rule
option name 'BOOTP/DHCP'
option proto 'udp'
list dest_port '67'
list dest_port '68'
option class 'cs5'
config rule
option name 'NTP'
option proto 'udp'
option dest_port '123'
option class 'cs0'
config rule
option name 'SSH'
option proto 'tcp'
option dest_port '22'
option class 'cs2'
config rule
option name 'CSGO'
option proto 'udp'
option src_port '27000-27500'
option class 'EF'
option src_ip '192.168.2.244'
option dst_port '27000-27500'
option enabled '1'
config rule
option name 'Teams video'
option proto 'udp'
option src_port '50020-50039'
option dest_port '3478-3481'
option class 'af41'
config rule
option name 'ICMP'
option proto 'icmp'
option class 'cs5'
option enabled '0'
nah not in my country or at least where i live...
ok do you has a traffic like me look
put in
root
root@OpenWrt1er-router:~# nft list ruleset
chain static_classify {
ip saddr 192.168.2.160 udp dport != { 80, 443 } counter packets 109 bytes 9284 goto ct_set_cs4 comment "Consoles ps5"
ip saddr 192.168.2.160 tcp dport 1935 counter packets 1 bytes 60 goto ct_set_cs3 comment "twitch1"
ip dscp != { cs0, cs6, cs7 } iifname != { "wan" } (@nh,8,8 & 0xfc) >> 2 vmap @dscp_ct
ip6 dscp != { cs0, cs6, cs7 } iifname != { "wan" } (@nh,0,16 & 0xfc0) >> 6 vmap @dscp_ct
meta l4proto != { tcp, udp } goto ct_set_cs0
ct mark set ct mark & 0xffffff80 | 0x00000080
verify is counter work