Disable qos marking for IPSec marked traffic.

2026-04-09 18:45:54 +02:00 · 2010-04-01 22:16:48 +02:00
parent 443aece5ee
commit 5487c71bbe
1 changed files with 3 additions and 0 deletions
--- a/config/qos/makeqosscripts.pl
+++ b/config/qos/makeqosscripts.pl
@@ -264,6 +264,9 @@ print <<END
 	iptables -t mangle -I POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-OUT
 	iptables -t mangle -A POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-TOS

+	### Don't change mark on traffic for the ipsec tunnel
+	iptables -t mangle -A QOS-OUT -m mark --mark 50 -j RETURN
+
 	### MARK ACKs
 	iptables -t mangle -A QOS-OUT -p tcp --tcp-flags SYN,RST SYN -j TOS --set-tos 4
 	iptables -t mangle -A QOS-OUT -p tcp --tcp-flags SYN,RST SYN -j MARK --set-mark $qossettings{'ACK'}