QoS: Drop support for hardcoded ACK rules

This feature has to go in order to take advantage of CONNMARK which will
drastically decrease CPU load when passing packets.

We no longer will see every packet in the QOS-INC chain in order to
change classification of that packet. It is also party counter-intuitive
to have parts of one connection in one class and the corresponding ACK
packets in another.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

diff --git a/config/qos/makeqosscripts.pl b/config/qos/makeqosscripts.pl
index 5bdd5b811a9a6d35581aac199f1312e87f7e998d..230dc3265b8205c91606fa7fc554f71aa442fb8c 100644 (file)
--- a/config/qos/makeqosscripts.pl
+++ b/config/qos/makeqosscripts.pl
@@ -72,7 +72,6 @@ $qossettings{'DEF_OUT_SPD'} = '';
 $qossettings{'DEF_INC_SPD'} = '';
 $qossettings{'DEFCLASS_INC'} = '';
 $qossettings{'DEFCLASS_OUT'} = '';
-$qossettings{'ACK'} = '';
 $qossettings{'RED_DEV'} = `cat /var/ipfire/red/iface`;
 $qossettings{'IMQ_DEV'} = 'imq0';
 $qossettings{'TOS'} = '';
@@ -80,7 +79,6 @@ $qossettings{'VALID'} = 'yes';
 
 &General::readhash("${General::swroot}/qos/settings", \%qossettings);
 
-my $ACK_MARK = ($qossettings{'ACK'} << $QOS_OUT_SHIFT) . "/$QOS_OUT_MASK";
 my $DEF_OUT_MARK = ($qossettings{'DEFCLASS_OUT'} << $QOS_OUT_SHIFT) . "/$QOS_OUT_MASK";
 my $DEF_INC_MARK = ($qossettings{'DEFCLASS_INC'} << $QOS_INC_SHIFT) . "/$QOS_INC_MASK";
 
@@ -224,31 +222,6 @@ print <<END
        ### Don't change mark on traffic for the ipsec tunnel
        iptables -t mangle -A QOS-OUT -m mark --mark 50 -j RETURN
 
-       ### MARK ACKs
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags SYN,RST SYN -j MARK --set-xmark $ACK_MARK
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags SYN,RST SYN -j RETURN
-
-       iptables -t mangle -A QOS-OUT -p icmp -m length --length 40:100 -j MARK --set-xmark $ACK_MARK
-       iptables -t mangle -A QOS-OUT -p icmp -m length --length 40:100 -j RETURN
-
-       iptables -t mangle -A QOS-OUT -p tcp --syn -m length --length 40:68 -j MARK --set-xmark $ACK_MARK
-       iptables -t mangle -A QOS-OUT -p tcp --syn -m length --length 40:68 -j RETURN
-
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j MARK --set-xmark $ACK_MARK
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j RETURN
-
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j MARK --set-xmark $ACK_MARK
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j RETURN
-
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL RST -j MARK --set-xmark $ACK_MARK
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL RST -j RETURN
-
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,RST -j MARK --set-xmark $ACK_MARK
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,RST -j RETURN
-
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,FIN -j MARK --set-xmark $ACK_MARK
-       iptables -t mangle -A QOS-OUT -p tcp --tcp-flags ALL ACK,FIN -j RETURN
-
        ### SET TOS
 END
 ;

diff --git a/html/cgi-bin/qos.cgi b/html/cgi-bin/qos.cgi
index ab427879e915defd7c8bd44ea85595259bd11c7f..c2ff4a08d28f504c00efd787ed201327033a4b39 100644 (file)
--- a/html/cgi-bin/qos.cgi
+++ b/html/cgi-bin/qos.cgi
@@ -68,7 +68,6 @@ $qossettings{'DEF_OUT_SPD'} = '';
 $qossettings{'DEF_INC_SPD'} = '';
 $qossettings{'DEFCLASS_INC'} = '';
 $qossettings{'DEFCLASS_OUT'} = '';
-$qossettings{'ACK'} = '';
 $qossettings{'RED_DEV'} = 'ppp0';
 $qossettings{'IMQ_DEV'} = 'imq0';
 $qossettings{'VALID'} = 'yes';
@@ -518,7 +517,6 @@ END
                }
                $qossettings{'DEFCLASS_INC'} = "210";
                $qossettings{'DEFCLASS_OUT'} = "110";
-               $qossettings{'ACK'} ="101";
                $qossettings{'ENABLED'} = 'on';
                &General::writehash("${General::swroot}/qos/settings", \%qossettings);
                &General::system("/usr/local/bin/qosctrl", "generate");
@@ -660,7 +658,7 @@ END
 END
 ;
        }
-       if (($qossettings{'DEFCLASS_OUT'} ne '') && ($qossettings{'DEFCLASS_INC'} ne '')&& ($qossettings{'ACK'} ne '')) {
+       if (($qossettings{'DEFCLASS_OUT'} ne '') && ($qossettings{'DEFCLASS_INC'} ne '')) {
                print <<END
                <form method='post' action='$ENV{'SCRIPT_NAME'}'>
                <table width='66%'>
@@ -668,7 +666,6 @@ END
                <tr><td width='50%' align='right'>$Lang::tr{'downlink std class'}:      <td width='30%' align='left'>$qossettings{'DEFCLASS_INC'}
                    <td width='20%' rowspan='3' align='center' valign='middle'><input type='submit' name='ACTIONDEF' value='$Lang::tr{'modify'}' />
                <tr><td width='50%' align='right'>$Lang::tr{'uplink std class'}:        <td width='30%' align='left'>$qossettings{'DEFCLASS_OUT'}
-               <tr><td width='50%' align='right'>ACKs:                         <td width='30%' align='left'>$qossettings{'ACK'}
                <tr><td colspan='3' width='100%'><hr />
                <tr><td colspan='3' width='100%' align='center'>
                </table>
@@ -692,7 +689,7 @@ if ( ($qossettings{'OUT_SPD'} eq '') || ($qossettings{'INC_SPD'} eq '') ) {
        exit
 }
 
-if ( ($qossettings{'DEFCLASS_INC'} eq '') || ($qossettings{'DEFCLASS_OUT'} eq '') || ($qossettings{'ACK'} eq '') ) {
+if ( ($qossettings{'DEFCLASS_INC'} eq '') || ($qossettings{'DEFCLASS_OUT'} eq '') ) {
        &changedefclasses();
        &Header::closebigbox();
        &Header::closepage();
@@ -742,21 +739,6 @@ END
                        else { print "<option selected value='$c'>$c</option>\n"; }
                }
                print <<END
-               </select><td width='33%' align='center'>&nbsp;
-               </table>
-               <hr />
-               <table width='66%'>
-               <tr><td width='100%' colspan='3'>$Lang::tr{'enter ack class'}
-               <tr><td width='33%' align='right'>ACKs:<td width='33%' align='left'><select name='ACK'>
-END
-;
-               for ( $c = 100 ; $c <= 120 ; $c++ )
-               {
-                       if ( $qossettings{'ACK'} ne $c )
-                       { print "<option value='$c'>$c</option>\n"; }
-                       else {  print "<option selected value='$c'>$c</option>\n"; }
-               }
-               print <<END
                </select><td width='33%' align='center'><input type='submit' name='ACTION' value="$Lang::tr{'save'}" />
                </table>
                </form>