iptables dscp mark

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Atheros WiSOC based Hardware
Author Message
LucasVanCleef
DD-WRT Novice


Joined: 24 Nov 2017
Posts: 5

PostPosted: Wed Sep 11, 2019 14:56    Post subject: iptables dscp mark Reply with quote
I have this easy script for my online games on ps4 and it works on openwrt, but not ddwrt.
I tried on commands / save firewall, does not work.
Any idea?

iptables -t mangle -N dscp_mark

iptables -t mangle -A FORWARD -j dscp_mark


##PS4
iptables -t mangle -A dscp_mark -p udp --match multiport --sport 3074,3659,3478,3479,6000,14000:14016,9305:9308 -j DSCP --set-dscp-class CS6

iptables -t mangle -A dscp_mark -p udp --match multiport --dport 3074,3659,3478,3479,6000,14000:14016,9305:9308 -j DSCP --set-dscp-class CS6
Sponsor
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 1903
Location: Texas, USA

PostPosted: Wed Sep 11, 2019 15:52    Post subject: Reply with quote
Via telnet / ssh do an lsmod. If the xDSCP module isn't loaded, then you have to add a line to your firewall script to insmod it.
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 2808
Location: UK, London, just across the river..

PostPosted: Wed Sep 11, 2019 17:55    Post subject: Reply with quote
hmmm, do we know your router model and current build running..
generally speaking multiport command is not present
on low grade routers...
than you have to add one line per port...kind of..

iptables -t mangle -A dscp_mark -p udp --sport 3074 -j DSCP --set-dscp-class CS6

the other option is to install full iptables via entware...

_________________
Atheros
TP-Link WR740Nv1 ------DD-WRT 33772 BS WAP/Switch (wired)
TP-Link WR1043NDv2 -----DD-WRT 41057 BS (AP,PPPoE,NAT,AD Blocking,AP Isolation,Firewall,Local DNS,Forced DNS,DoT)
TP-Link WR1043NDv2 -----DD-WRT 40890 BS (AP,NAT,AD Blocking,Firewall,Wi-Fi OFF,Local DNS,Forced DNS,DoT)
TP-Link WR1043NDv2 -----Gargoyle OS 1.11.0 (AP,NAT,QoS,Quotas)
Qualcomm/IPQ8065
Netgear R7800 ---------DD-WRT 40270M 4.9 Kong (AP,NAT,AD-Blocking,AP&Net Isolation,Firewall,Local DNS,Forced DNS,DNSCrypt v2 x2)
Broadcom
Netgear R7000 ---------DD-WRT 40270M Kong (AP,NAT,VLAN,AD-Blocking,Firewall,Local DNS,Forced DNS,DoT)
------------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 via Entware by mac913
LucasVanCleef
DD-WRT Novice


Joined: 24 Nov 2017
Posts: 5

PostPosted: Wed Sep 11, 2019 22:18    Post subject: Reply with quote
Thank you both for your help.
My router is an archer c7 v2, with the latest build. The xDSCP module does not appear. What would be this line to modify the firewall?
LucasVanCleef
DD-WRT Novice


Joined: 24 Nov 2017
Posts: 5

PostPosted: Wed Sep 11, 2019 23:12    Post subject: Reply with quote
Just an update,
following this tutorial:

https://wiki.dd-wrt.com/wiki/index.php/Comcast_download_speed_fix_for_Linksys_eSeries


I changed to this:

insmod xt_DSCP.ko

iptables -t mangle -A PREROUTING -p udp -d 192.168.1.142 -j DSCP --set-dscp 48
iptables -t mangle -A POSTROUTING -p udp -s 192.168.1.142 -j DSCP --set-dscp 48

Now the xDSCP module appears, also shows "Used by - 2"
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 1903
Location: Texas, USA

PostPosted: Thu Sep 12, 2019 1:48    Post subject: Reply with quote
Sorry I was away, I see you found that wiki. I only knew of this because of an open bug ticket and was not sure that the TOS/DSCP filter on the firewall worked as it should. It looks as if you have it sorted out. If you still need the rest of the previously described rules in you firewall script, then you should be able to add them, save firewall, reboot - but, as Alozaros mentioned, you may not be able to do multiple ports on a single rule.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum