Merge branch 'next' into temp-c164-development

config/qos/makeqosscripts.pl

@@ -54,7 +54,10 @@ my $classfile = "/var/ipfire/qos/classes";
 my $level7file = "/var/ipfire/qos/level7config";
 my $portfile = "/var/ipfire/qos/portconfig";
 my $tosfile = "/var/ipfire/qos/tosconfig";
-my $fqcodel_options = "limit 10240 quantum 1514";
+my @cake_options = (
+	# RED is by default connected to the Internet
+	"internet"
+);
 
 # Define iptables MARKs
 my $QOS_INC_MASK = 0x0000ff00;
@@ -81,6 +84,12 @@ $qossettings{'VALID'} = 'yes';
 
 &General::readhash("${General::swroot}/qos/settings", \%qossettings);
 
+# Default to "conservative
+unless (defined $qossettings{'CAKE_PROFILE'}) {
+	$qossettings{'CAKE_PROFILE'} = "conservative";
+}
+push(@cake_options, $qossettings{'CAKE_PROFILE'});
+
 my $DEF_OUT_MARK = ($qossettings{'DEFCLASS_OUT'} << $QOS_OUT_SHIFT) . "/$QOS_OUT_MASK";
 my $DEF_INC_MARK = ($qossettings{'DEFCLASS_INC'} << $QOS_INC_SHIFT) . "/$QOS_INC_MASK";
 
@@ -200,7 +209,7 @@ foreach $classentry (sort @classes)
 	if ($qossettings{'RED_DEV'} eq $classline[0]) {
 		$qossettings{'DEVICE'} = $classline[0];
 		$qossettings{'CLASS'} = $classline[1];
-		print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 1:$qossettings{'CLASS'} handle $qossettings{'CLASS'}: fq_codel $fqcodel_options\n";
+		print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 1:$qossettings{'CLASS'} handle $qossettings{'CLASS'}: cake @cake_options\n";
 	}
 }
 print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
@@ -371,7 +380,7 @@ foreach $classentry (sort @classes)
 	if ($qossettings{'IMQ_DEV'} eq $classline[0]) {
 		$qossettings{'DEVICE'} = $classline[0];
 		$qossettings{'CLASS'} = $classline[1];
-		print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 2:$qossettings{'CLASS'} handle $qossettings{'CLASS'}: fq_codel $fqcodel_options\n";
+		print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 2:$qossettings{'CLASS'} handle $qossettings{'CLASS'}: cake @cake_options\n";
 	}
 }
 print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
@@ -494,10 +503,7 @@ print <<END
 	# DELETE QDISCS
 	tc qdisc del dev $qossettings{'RED_DEV'} root >/dev/null 2>&1
 	tc qdisc del dev $qossettings{'RED_DEV'} ingress >/dev/null 2>&1
-	tc qdisc add root dev $qossettings{'RED_DEV'} fq_codel >/dev/null 2>&1
-	tc qdisc del dev $qossettings{'IMQ_DEV'} root >/dev/null 2>&1
-	tc qdisc del dev $qossettings{'IMQ_DEV'} ingress >/dev/null 2>&1
-	tc qdisc add root dev $qossettings{'IMQ_DEV'} fq_codel >/dev/null 2>&1
+	INTERFACE="$qossettings{'RED_DEV'}" ACTION="add" /lib/udev/network-aqm &>/dev/null
 	# STOP IMQ-DEVICE
 	ip link set $qossettings{'IMQ_DEV'} down >/dev/null 2>&1
 	ip link del $qossettings{'IMQ_DEV'} >/dev/null 2>&1

config/rootfiles/common/udev

@@ -31,9 +31,9 @@ lib/udev
 lib/udev/ata_id
 lib/udev/cdrom_id
 lib/udev/collect
-lib/udev/enable_codel
 lib/udev/init-net-rules.sh
 lib/udev/mtd_probe
+lib/udev/network-aqm
 lib/udev/network-hotplug-bridges
 lib/udev/network-hotplug-rename
 lib/udev/network-hotplug-vlan
@@ -64,7 +64,7 @@ lib/udev/rules.d/75-probe_mtd.rules
 lib/udev/rules.d/78-sound-card.rules
 lib/udev/rules.d/80-drivers.rules
 lib/udev/rules.d/90-hwrng.rules
-lib/udev/rules.d/99-codel.rules
+lib/udev/rules.d/99-aqm.rules
 lib/udev/rules.d/99-offloading.rules
 lib/udev/scsi_id
 lib/udev/v4l_id

config/rootfiles/core/164/filelists/core-files

@@ -0,0 +1,5 @@
+etc/issue
+etc/os-release
+etc/system-release
+srv/web/ipfire/cgi-bin/credits.cgi
+var/ipfire/langs

config/rootfiles/oldcore/163/filelists/files

@@ -1,6 +1,11 @@
 etc/dracut.conf
+lib/udev/network-aqm
+lib/udev/network-hotplug-bridges
+lib/udev/rules.d/99-aqm.rules
+srv/web/ipfire/cgi-bin/qos.cgi
 srv/web/ipfire/cgi-bin/ovpnmain.cgi
 srv/web/ipfire/cgi-bin/vpnmain.cgi
 srv/web/ipfire/html/themes/ipfire/include/functions.pl
 var/ipfire/backup/bin/backup.pl
 var/ipfire/dhcp/advoptions-list
+var/ipfire/qos/bin/makeqosscripts.pl

config/rootfiles/oldcore/163/update.sh

@@ -17,7 +17,7 @@
 # along with IPFire; if not, write to the Free Software                    #
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
 #                                                                          #
-# Copyright (C) 2021 IPFire-Team <info@ipfire.org>.                        #
+# Copyright (C) 2022 IPFire-Team <info@ipfire.org>.                        #
 #                                                                          #
 ############################################################################
 #
@@ -56,9 +56,12 @@ rm -vrf \
 	/lib/firmware/cxgb4/t4fw-1.25.4.0.bin \
 	/lib/firmware/cxgb4/t5fw-1.25.4.0.bin \
 	/lib/firmware/cxgb4/t6fw-1.25.4.0.bin \
-	/lib/firmware/intel/ice/ddp/ice-1.3.16.0.pkg
+	/lib/firmware/intel/ice/ddp/ice-1.3.16.0.pkg \
+	/lib/udev/enable_codel \
+	/lib/udev/rules.d/99-codel.rules
 
 # Stop services
+/usr/local/bin/qosctrl stop
 
 # Extract files
 extract_files
@@ -77,6 +80,8 @@ telinit u
 /etc/init.d/apache restart
 /etc/init.d/unbound restart
 /etc/init.d/squid restart
+/usr/local/bin/qosctrl generate
+/usr/local/bin/qosctrl start
 
 # rebuild initrd
 dracut --force --early-microcode --strip --verbose --xz

config/udev/99-aqm.rules

@@ -0,0 +1,2 @@
+# Call the AQM script
+SUBSYSTEM=="net", RUN+="/lib/udev/network-aqm"

config/udev/99-codel.rules

@@ -1,2 +0,0 @@
-# Call the enable codel script.
-SUBSYSTEM=="net", RUN+="/lib/udev/enable_codel"

config/udev/network-aqm

@@ -21,9 +21,9 @@
 #                                                                          #
 ############################################################################
 
-LOG_FACILITY="codel"
+LOG_FACILITY="aqm"
 
-function log() {
+log() {
 	logger -t "${LOG_FACILITY}" $@
 }
 
@@ -32,19 +32,58 @@ if [ -z "${INTERFACE}" ]; then
 	exit 1
 fi
 
-# Do nothing for the loopback device.
-[ "${INTERFACE}" = "lo" ] && exit 0
-
 case "${ACTION}" in
 	add|register)
-		# Change root qdisc to use fq_codel.
-		/sbin/tc qdisc add root dev ${INTERFACE} fq_codel
-		ret=$?
+		TYPE="$(</sys/class/net/${INTERFACE}/type)"
 
-		if [ ${ret} -eq 0 ]; then
-			log "Codel AQM has been enabled on '${INTERFACE}'."
-		else
-			log "Codel AQM could not be enabled on '${INTERFACE}'. Error code: ${ret}"
+		# Detect bridges
+		if [ -d "/sys/class/net/${INTERFACE}/bridge" ]; then
+			TYPE="bridge"
+		fi
+
+		args=()
+
+		# Configure some useful defaults depending on the interface
+		case "${INTERFACE},${TYPE}" in
+			# Ignore loopback
+			lo,*)
+				exit 0
+				;;
+
+			# Ignore tun
+			tun*)
+				exit 0
+				;;
+
+			# Ignore GRE/VTI
+			*,778|*,768)
+				exit 0
+				;;
+
+			# Ignore bridges
+			*,bridge)
+				exit 0
+				;;
+
+			# Handle dial-up connections on RED
+			ppp*,512)
+				args+=( "cake" "internet" "conservative" "ack-filter" )
+				;;
+
+			# Treat any other interfaces as "Ethernet"
+			red*,*)
+				args+=( "cake" "internet" "ethernet" )
+				;;
+
+			# All other interfaces are locally connected
+			*)
+				args+=( "cake" "ethernet" "metro" )
+				;;
+		esac
+
+		# Change root qdisc to use cake
+		if ! tc qdisc replace root dev "${INTERFACE}" "${args[@]}"; then
+			log "Could not configure qdisc on ${INTERFACE} with parameters ${args[@]}"
 			exit ${ret}
 		fi
 		;;

config/udev/network-hotplug-bridges

@@ -41,9 +41,8 @@ detect_zone() {
 		# Try to find out if this INTERFACE is a slave of a zone
 		local slave
 		for slave in $(get_value "${zone}_SLAVES"); do
-
-			#Compare if the mac address matches or if the name matches
-			if ([ "$(</sys/class/net/${INTERFACE}/address)" = "${slave}" ] || [ "${INTERFACE}" = "${slave}" ]); then
+			# Compare if the mac address matches or if the name matches
+			if [ -r "/sys/class/net/${INTERFACE}/address" -a "$(</sys/class/net/${INTERFACE}/address)" = "${slave}" ] || [ "${INTERFACE}" = "${slave}" ]; then
 				echo "${zone}"
 				return 0
 			fi