Multiple DSCP for Gaming COD?

Installing and Using OpenWrt Network and Wireless Configuration
1

hello to all openwrtiens :slight_smile:

I use this as a script in firewall custom rules my goal is to have several classiffication for ps4 but I don't know if this creates conflicts or not

what do you think I add ttl 255 on the rules like mindwolf ...

iptables -t mangle -N dscp_mark      #Create a new chain named dscp_mark
iptables -t mangle -F dscp_mark        #Flush the selected chain
#
iptables -t mangle -A POSTROUTING -j dscp_mark   #Postrouting=This chain is used for specific types of packet mangling that we wish to take place after all kinds of routing decisions have been done, but still on this machine.Then these packets fall in dscp_mark chain.
#
#
iptables -t mangle -A PREROUTING -j DSCP --set-dscp-class CS0
iptables -t mangle -A POSTROUTING -p udp -d 192.168.2.167 --dport 1024:65535 -j DSCP --set-dscp-class AF41
iptables -t mangle -A POSTROUTING -p udp -s 192.168.2.167 --sport 1024:65535 -j DSCP --set-dscp-class AF41
iptables -t mangle -A POSTROUTING -p tcp -d 192.168.2.167 --dport 1024:65535 -j DSCP --set-dscp-class CS6
iptables -t mangle -A POSTROUTING -p tcp -s 192.168.2.167 --sport 1024:65535 -j DSCP --set-dscp-class CS6
iptables -t mangle -A POSTROUTING -p udp -d 192.168.2.167 --dport 1024:65535 -j DSCP --set-dscp-class CS4
iptables -t mangle -A POSTROUTING -p udp -s 192.168.2.167 --sport 1024:65535 -j DSCP --set-dscp-class CS4
iptables -t mangle -A POSTROUTING -p tcp -d 192.168.2.167 --dport 1024:65535 -j DSCP --set-dscp-class EF
iptables -t mangle -A POSTROUTING -p tcp -s 192.168.2.167 --sport 1024:65535 -j DSCP --set-dscp-class EF

## COD gets AF41  and fall in video priority with 50% threshold and mark them as AF41.
iptables -t mangle -A dscp_mark  -p udp -s 192.168.2.167 --sport 1024:65535 --dport 1024:65535 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -d 192.168.2.167 --dport 1024:65535 --sport 1024:65535 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -s 192.168.2.167 --sport 1024:65535 --dport 1024:65535 -j DSCP --set-dscp-class CS4
iptables -t mangle -A dscp_mark  -p udp -d 192.168.2.167 --dport 1024:65535 --sport 1024:65535 -j DSCP --set-dscp-class CS4
iptables -t mangle -A dscp_mark  -p udp -s 192.168.2.167 --sport 1024:65535 --dport 1024:65535 -j DSCP --set-dscp-class EF
iptables -t mangle -A dscp_mark  -p udp -d 192.168.2.167 --dport 1024:65535 --sport 1024:65535 -j DSCP --set-dscp-class EF
iptables -t mangle -A dscp_mark  -p tcp -s 192.168.2.167 --sport 1024:65535 --dport 1024:65535 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -d 192.168.2.167  --dport 1024:65535 --sport 1024:65535 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -s 192.168.2.167 --sport 1024:65535 --dport 1024:65535 -j DSCP --set-dscp-class CS4
iptables -t mangle -A dscp_mark  -p tcp -d 192.168.2.167 --dport 1024:65535 --sport 1024:65535 -j DSCP --set-dscp-class CS4
iptables -t mangle -A dscp_mark  -p tcp -s 192.168.2.167 --sport 1024:65535 --dport 1024:65535 -j DSCP --set-dscp-class EF
iptables -t mangle -A dscp_mark  -p tcp -d 192.168.2.167 --dport 1024:65535 --sport 1024:65535 -j DSCP --set-dscp-class EF

#
## PSN network?
iptables -t mangle -A dscp_mark  -p udp -d 192.168.2.167 -m multiport --sport 1024:65535 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p udp -s 192.168.2.167 -m multiport --dport 1024:65535 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -d 192.168.2.167 -m multiport --sport 1024:65535 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -p tcp -s 192.168.2.167 -m multiport --dport 1024:65535 -j DSCP --set-dscp-class AF41

iptables -t mangle -A dscp_mark  -p udp -d 192.168.2.167 -m multiport --sport 1024:65535 -j DSCP --set-dscp-class CS4
iptables -t mangle -A dscp_mark  -p udp -s 192.168.2.167 -m multiport --dport 1024:65535 -j DSCP --set-dscp-class CS4
iptables -t mangle -A dscp_mark  -p tcp -d 192.168.2.167 -m multiport --sport 1024:65535 -j DSCP --set-dscp-class CS4
iptables -t mangle -A dscp_mark  -p tcp -s 192.168.2.167 -m multiport --dport 1024:65535 -j DSCP --set-dscp-class CS4

iptables -t mangle -A dscp_mark  -p udp -d 192.168.2.167 -m multiport --sport 1024:65535 -j DSCP --set-dscp-class EF
iptables -t mangle -A dscp_mark  -p udp -s 192.168.2.167 -m multiport --dport 1024:65535 -j DSCP --set-dscp-class EF
iptables -t mangle -A dscp_mark  -p tcp -d 192.168.2.167 -m multiport --sport 1024:65535 -j DSCP --set-dscp-class EF
iptables -t mangle -A dscp_mark  -p tcp -s 192.168.2.167 -m multiport --dport 1024:65535 -j DSCP --set-dscp-class EF
#
#Chat psn
#iptables -t mangle -A dscp_mark -p udp -m multiport --dport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p udp -m multiport --sport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p tcp -m multiport --dport 9305:9309 -j DSCP --set-dscp-class CS1
#iptables -t mangle -A dscp_mark -p tcp -m multiport --sport 9305:9309 -j DSCP --set-dscp-class CS1
# PS4 normal
iptables -t mangle -A dscp_mark  -s 192.168.2.167 -j DSCP --set-dscp-class CS4
iptables -t mangle -A dscp_mark  -s 192.168.2.167 -j DSCP --set-dscp-class AF41
iptables -t mangle -A dscp_mark  -s 192.168.2.167 -j DSCP --set-dscp-class EF
iptables -t mangle -A dscp_mark  -s 192.168.1.189 -j DSCP --set-dscp-class CS1
iptables -t mangle -A dscp_mark  -s 192.168.1.140 -j DSCP --set-dscp-class CS1
#
iptables -t mangle -A POSTROUTING -p icmp -j DSCP --set-dscp-class CS4

iptables -t mangle -A POSTROUTING -p udp -s 192.168.2.167 --sport 1024:65535 -j TTL --ttl-set 255
iptables -t mangle -A POSTROUTING -p udp -s 192.168.2.167 --sport 1024:65535 -j TTL --ttl-set 255
iptables -t mangle -A POSTROUTING -p tcp -s 192.168.2.167 --sport 1024:65535 -j TTL --ttl-set 255
iptables -t mangle -A POSTROUTING -p tcp -s 192.168.2.167 --sport 1024:65535 -j TTL --ttl-set 255

@mindwolf @moeller0 @dlakelan thanks for you help mate i'm following all your tuto about long time :slight_smile:

Capture d’écran 2020-11-14 à 04.03.43
Capture d’écran 2020-11-14 à 04.03.43642×572 41.6 KB
Capture d’écran 2020-11-14 à 04.03.31
Capture d’écran 2020-11-14 à 04.03.31701×285 21.8 KB
Capture d’écran 2020-11-14 à 04.03.17
Capture d’écran 2020-11-14 à 04.03.17548×544 32.2 KB

1 Like
2

I have not much to say about the rules, except I like your way to restrict those to the gaming consoles IP, ports are ephemeral and any application can use any port (above portnumber ~1000).

I would however not use test_WAN_triple-isolate__piece_of_cake.qos, and just use piece_of_cake,qos, which IIRC defaults to triple-isolate....

2 Likes
3

I agree with @moeller0

Everything looks good. I use port 1024-65535 ONLY for a specific ip to ensure there is a catch all as gaming consoles never use the reserved ports thankfully.

2 Likes
4

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.