SQM new options with interface connexion DSCP

anon78773196 · August 22, 2024, 6:50pm

Hello everyone, is it possible to do something like QoSmate for SQM and see the connections that appear with DSCP? Thank you.
@Hudra
@dlakelan
@choppyc

config queue
	option enabled '1'
	option interface 'eth1'
	option download '750000'
	option upload '750000'
	option debug_logging '0'
	option verbosity '5'
	option qdisc 'cake'
	option script 'layer_cake.qos'
	option qdisc_advanced '1'
	option squash_dscp '1'
	option squash_ingress '1'
	option ingress_ecn 'ECN'
	option egress_ecn 'NOECN'
	option qdisc_really_really_advanced '1'
	option iqdisc_opts 'diffserv4 dual-dsthost nat ingress nowash noatm overhead 44'
	option eqdisc_opts 'diffserv4  dual-srchost nat wash noatm overhead 44'
	option linklayer 'none'

config rule
	list dest_ip '192.168.2.168'
	option set_dscp 'CS4'
	option target 'DSCP'
	option src 'wan'
	option name 'port 3074 ps5 julien'
	option family 'ipv4'
	option dest 'lan'
	list proto 'tcp'
	list proto 'udp'
	list proto 'icmp'

connexion dscp

I would also like, based on dlakelan, to see the interface of its servers, similar to what this script I created in the past does.

this is the script geofilter found server

#!/bin/sh
############################################################

ipconsole={192.168.2.168} # ajoute ta console
#port={3074}



nft add table inet dopam # autorise

nft flush table inet dopam # nettoie les regles

nft -f /dev/stdin <<EOF
table inet dopam {

   
### change pour choisir ce que tu veux

     set udp_meter4 {typeof ip saddr . ip daddr . udp sport . udp dport
        timeout 5m
    }

	set tcp_meter4 {typeof ip saddr . ip daddr . tcp sport . tcp dport
        timeout 5m
    }



      chain dopam {
 type filter hook forward priority 0; policy accept;
       #udp sport $port
   #udp dport $port
   
	
        ip protocol tcp ip daddr $ipconsole
        ip protocol tcp ip saddr $ipconsole
       
        ip protocol udp ip daddr $ipconsole
        ip protocol udp ip saddr $ipconsole

         #choisi ton protocole pour ce que tu veux
        ip protocol udp ip daddr $ipconsole add @udp_meter4 {ip saddr . ip daddr . udp sport . udp dport}
	ip protocol tcp ip daddr $ipconsole add @tcp_meter4 {ip saddr . ip daddr . tcp sport . tcp dport}

#ip protocol udp udp sport $port add @udp_meter4 {ip saddr . ip daddr . udp sport . udp dport}
       

            }
}
EOF
#### lancer la commande nft list ruleset
#### lancer la commande nft list ruleset


### Init Script ###

## Check if the file does not exist
if [ ! -f "/etc/init.d/DOPAMSERVER" ]; then
cat << "INITSCRIPT" > /etc/init.d/DOPAMSERVER
#!/bin/sh /etc/rc.common

USE_PROCD=1

START=99
STOP=99

service_triggers() {
    procd_add_reload_trigger firewall
}

start_service() {
    /etc/init.d/DOPAMSERVER enabled || exit 0
    echo start
    procd_open_instance
    procd_set_param command /bin/sh "/root/DOPAMSERVER.sh"
    procd_set_param stdout 1
    procd_set_param stderr 1
    procd_close_instance
}

restart() {
    /etc/init.d/DOPAMSERVER enabled || exit 0
    echo restart
    /root/DOPAMSERVER.sh
}

stop_service() {
    echo stop
    ############################################################

   

    ## Default warning settings
    uci -q get dhcp.odhcpd.loglevel | grep "4" > /dev/null 2>&1 || {
    uci set dhcp.odhcpd.loglevel="4"
    uci commit && reload_config
    }

    ############################################################

   

    ############################################################
    exit 0
}

reload_service() {
    start
}
INITSCRIPT
chmod 755 /etc/init.d/DOPAMSERVER > /dev/null 2>&1
/etc/init.d/DOPAMSERVER enable > /dev/null 2>&1
fi

############################################################

### Hotplug ###

## Check if the file does not exist
if [ ! -f "/etc/hotplug.d/iface/99-DOPAMSERVER" ]; then
cat << "HOTPLUG" > /etc/hotplug.d/iface/99-DOPAMSERVER
#!/bin/sh

[ "$ACTION" = ifup ] || [ "$ACTION" = ifupdate ] || exit 0
[ "$ACTION" = ifupdate ] && [ -z "$IFUPDATE_ADDRESSES" ] && [ -z "$IFUPDATE_DATA" ] && exit 0

# Ensure that the script is executable by Owner
if [ ! -x "/root/DOPAMSERVER.sh" ] || [ ! -x "/etc/init.d/DOPAMSERVER" ]; then
    chmod 755 /root/DOPAMSERVER.sh
    chmod 755 /etc/init.d/DOPAMSERVER
fi

# Check if the init script is enabled to reload the script
/etc/init.d/DOPAMSERVER enabled || exit 0

# Reloading the script
logger -t DOPAMSERVER "Reloading DOPAMSERVER.sh due to $ACTION of $INTERFACE ($DEVICE)"
sleep 10 && /etc/init.d/DOPAMSERVER restart
HOTPLUG
fi

brada4 · August 22, 2024, 7:46pm

conntrack command line tool can show packet fields andmeta-s of your choice as alteted by firewall

anon78773196 · August 22, 2024, 7:51pm

Hey bro, do you mean thanks to collectd?`

#config plugin 'apcups'
#	option enable '0'
#	option Host 'localhost'
#	option Port '3551'

#config plugin 'conntrack'
#	option enable '0'

dave14305 · August 22, 2024, 7:55pm

@ldir has a LuCI mod to add the DSCP to the existing “Realtime graphs / Connections” page. It would need to be adapted for however DSCP is being stored in the connmark (mask and bitshift).

anon78773196 · August 22, 2024, 8:23pm

i has also files nommed connexion js

a party of this script

'use strict';'require view';'require poll';'require request';'require rpc';var callLuciRealtimeStats=rpc.declare({object:'luci',method:'getRealtimeStats',params:['mode','device'],expect:{result:[]}});var callLuciConntrackList=rpc.declare({object:'luci',method:'getConntrackList',expect:{result:[]}});var callNetworkRrdnsLookup=rpc.declare({object:'network.rrdns',method:'lookup',params:['addrs','timeout','limit'],expect:{'':{}}});var graphPolls=[],pollInterval=3,dns_cache={},enableLookups=false;var recheck_lookup_queue={};Math.log2=Math.log2||function(x){return Math.log(x)*Math.LOG2E;};return view.extend({load:function(){return Promise.all([this.loadSVG(L.resource('svg/connections.svg'))]);},updateGraph:function(svg,lines,cb){var G=svg.firstElementChild;var view=document.querySelector('#view');var width=view.offsetWidth-2;var height=300-2;var step=5;var data_wanted=Math.floor(width/step);var data_values=[],line_elements=[];for(var i=0;i<lines.length;i++)
if(lines[i]!=null)
data_values.push([]);var info={line_current:[],line_average:[],line_peak:[]};for(var i=0;i<data_values.length;i++)
for(var j=0;j<data_wanted;j++)
data_values[i][j]=0;for(var i=width%(step*60);i<width;i+=step*60){var line=document.createElementNS('http://www.w3.org/2000/svg','line');line.setAttribute('x1',i);line.setAttribute('y1',0);line.setAttribute('x2',i);line.setAttribute('y2','100%');line.setAttribute('style','stroke:black;stroke-width:0.1');var text=document.createElementNS('http://www.w3.org/2000/svg','text');text.setAttribute('x',i+5);text.setAttribute('y',15);text.setAttribute('style','fill:#eee; font-size:9pt; font-family:sans-serif; text-shadow:1px 1px 1px #000');text.appendChild(document.createTextNode(Math.round((width-i)/step/60)+'m'));G.appendChild(line);G.appendChild(text);}
info.interval=pollInterval;info.timeframe=data_wanted/60;graphPolls.push({svg:svg,lines:lines,cb:cb,info:info,width:width,height:height,step:step,values:data_values,timestamp:0,fill:1});},updateConntrack:function(conn){var lookup_queue=[];var rows=[];conn.sort(function(a,b){return b.bytes-a.bytes;});for(var i=0;i<conn.length;i++)
{var c=conn[i];if((c.src=='127.0.0.1'&&c.dst=='127.0.0.1')||(c.src=='::1'&&c.dst=='::1'))
continue;if(!dns_cache[c.src]&&lookup_queue.indexOf(c.src)==-1)
lookup_queue.push(c.src);if(!dns_cache[c.dst]&&lookup_queue.indexOf(c.dst)==-1)
lookup_queue.push(c.dst);var src=dns_cache[c.src]||(c.layer3=='ipv6'?'['+c.src+']':c.src);var dst=dns_cache[c.dst]||(c.layer3=='ipv6'?'['+c.dst+']':c.dst);rows.push([c.layer3.toUpperCase(),c.layer4.toUpperCase(),'%h'.format(c.hasOwnProperty('sport')?(src+':'+c.sport):src),'%h'.format(c.hasOwnProperty('dport')?(dst+':'+c.dport):dst),[c.bytes,'%1024.2mB (%d %s)'.format(c.bytes,c.packets,_('Pkts.'))]]);}
cbi_update_table('#connections',rows,E('em',_('No information available')));if(enableLookups&&lookup_queue.length>0){var reduced_lookup_queue=lookup_queue;if(lookup_queue.length>100)
reduced_lookup_queue=lookup_queue.slice(0,100);callNetworkRrdnsLookup(reduced_lookup_queue,5000,1000).then(function(replies){for(var index in reduced_lookup_queue){var address=reduced_lookup_queue[index];if(!address)
continue;if(replies[address]){dns_cache[address]=replies[address];lookup_queue.splice(reduced_lookup_queue.indexOf(address),1);continue;}
if(recheck_lookup_queue[address]>2){dns_cache[address]=(address.match(/:/))?'['+address+']':address;lookup_queue.splice(index,1);}
else{recheck_lookup_queue[address]=(recheck_lookup_queue[address]||0)+1;}}

can you add a new file nommed example dscp.js ??

'use strict';
'require view';
'require poll';
'require request';
'require rpc';

var callLuciRealtimeStats = rpc.declare({
	object: 'luci',
	method: 'getRealtimeStats',
	params: [ 'mode', 'device' ],
	expect: { result: [] }
});

var callLuciConntrackList = rpc.declare({
	object: 'luci',
	method: 'getConntrackList',
	expect: { result: [] }
});

var callNetworkRrdnsLookup = rpc.declare({
	object: 'network.rrdns',
	method: 'lookup',
	params: [ 'addrs', 'timeout', 'limit' ],
	expect: { '': {} }
});

var graphPolls = [],
    pollInterval = 3,
    dns_cache = {},
    enableLookups = false;

var recheck_lookup_queue = {};

function decodeMarkValue(mark) {
	var connstatetable = [ "000-", "001-", "010-", "011-", "100-", "101-", "110-", "111-" ];
	var dscptable = [	"CS0", "LE", "TOS2", "TOS3", "TOS4", "TOS5", "TOS6", "TOS7",/* 0-7 */
				"CS1", "", "AF11", "", "AF12", "", "AF13", "",	/* 8-15 */
				"CS2", "", "AF21", "", "AF22", "", "AF23", "",	/* 16-23 */
				"CS3", "", "AF31", "", "AF32", "", "AF33", "",	/* 24-31 */
				"CS4", "", "AF41", "", "AF42", "", "AF43", "",	/* 32-39 */
				"CS5", "", "", "", "VA", "", "EF", "",	/* 40-47 */
				"CS6", "", "", "", "", "", "", "",	/* 48-55 */
				"CS7", "", "", "", "", "", "", "" ];	/* 56-63 */
	var dscp;

anon78773196 · August 22, 2024, 9:43pm

I'm not sure where to place this, but it caused me to lose the LuCI interface now.

i will try after a reset my router

thanks

Hudra · August 23, 2024, 9:51am

Just one question: Why don't you use Qosmate right away, since it already offers exactly this functionality? Even though the connections tab is still more or less in the beta phase, it should work in principle. With Qosmate, you can configure everything else the same way you did with SQM in your first post.

anon78773196 · August 23, 2024, 9:54am

yes i use now QoSmate, thanks for all

system · September 2, 2024, 9:54am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.