Hi SouthPawn,
Using your script for a couple of days now, but im running into a problem. At first it looked like QoS didn't work as expected, but this was due to not having iptables-tools installed. Now that i made a new image from trunk with iptables-tools enabled, your script stops working for me. After starting your script, it is almost impossible to browse the internet. As i try to ping hosts on internet from client pc's, only from the first packet i get response.
This is what my mangle table looks like after starting your script. Does everything seem OK to you? Will try to troubleshoot some more later this day...
Chain PREROUTING (policy ACCEPT 3267 packets, 624K bytes)
pkts bytes target prot opt in out source destination
3294 626K MultiWan all -- any any anywhere anywhere
766 183K IMQ all -- eth0.1 any anywhere anywhere IMQ: todev 0
349 148K IMQ all -- eth0.2 any anywhere anywhere IMQ: todev 1
Chain INPUT (policy ACCEPT 1750 packets, 170K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 1017 packets, 289K bytes)
pkts bytes target prot opt in out source destination
1017 289K MultiWan all -- any any anywhere anywhere
Chain OUTPUT (policy ACCEPT 1563 packets, 236K bytes)
pkts bytes target prot opt in out source destination
1648 242K MultiWan all -- any any anywhere anywhere
Chain POSTROUTING (policy ACCEPT 2658 packets, 539K bytes)
pkts bytes target prot opt in out source destination
2758 546K MultiWan all -- any any anywhere anywhere
Chain Default (0 references)
pkts bytes target prot opt in out source destination
0 0 CONNMARK all -- any any anywhere anywhere CONNMARK restore
0 0 Default_ct all -- any any anywhere anywhere mark match 0x0
0 0 MARK all -- any any anywhere anywhere mark match 0x1 length 400:65535 MARK and 0x0
0 0 MARK all -- any any anywhere anywhere mark match 0x2 length 800:65535 MARK and 0x0
0 0 MARK udp -- any any anywhere anywhere mark match 0x0 length 0:500 MARK set 0x2
0 0 MARK icmp -- any any anywhere anywhere MARK set 0x1
0 0 MARK tcp -- any any anywhere anywhere mark match 0x0 tcp spts:1024:65535 dpts:1024:65535 MARK set 0x4
0 0 MARK udp -- any any anywhere anywhere mark match 0x0 udp spts:1024:65535 dpts:1024:65535 MARK set 0x4
0 0 MARK tcp -- any any anywhere anywhere length 0:128 mark match !0x4 tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN MARK set 0x1
0 0 MARK tcp -- any any anywhere anywhere length 0:128 mark match !0x4 tcp flags:FIN,SYN,RST,PSH,ACK,URG/ACK MARK set 0x1
Chain Default_ct (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- any any anywhere anywhere mark match 0x0 LAYER7 l7proto edonkey MARK set 0x4
0 0 MARK all -- any any anywhere anywhere mark match 0x0 LAYER7 l7proto bittorrent MARK set 0x4
0 0 MARK tcp -- any any anywhere anywhere mark match 0x0 tcp multiport ports 22,53 MARK set 0x1
0 0 MARK udp -- any any anywhere anywhere mark match 0x0 udp multiport ports 22,53 MARK set 0x1
0 0 MARK tcp -- any any anywhere anywhere mark match 0x0 tcp multiport ports 20,21,25,80,110,443,993,995 MARK set 0x3
0 0 MARK tcp -- any any anywhere anywhere mark match 0x0 tcp multiport ports 5190 MARK set 0x2
0 0 MARK udp -- any any anywhere anywhere mark match 0x0 udp multiport ports 5190 MARK set 0x2
0 0 CONNMARK all -- any any anywhere anywhere CONNMARK save
Chain FW1MARK (8 references)
pkts bytes target prot opt in out source destination
721 180K MARK all -- any any anywhere anywhere MARK set 0x10
721 180K CONNMARK all -- any any anywhere anywhere CONNMARK save
Chain FW2MARK (6 references)
pkts bytes target prot opt in out source destination
208 19954 MARK all -- any any anywhere anywhere MARK set 0x20
208 19954 CONNMARK all -- any any anywhere anywhere CONNMARK save
Chain LoadBalancer (1 references)
pkts bytes target prot opt in out source destination
742 61270 MARK all -- any any anywhere anywhere MARK set 0x123
742 61270 CONNMARK all -- any any anywhere anywhere CONNMARK save
Chain MultiWan (4 references)
pkts bytes target prot opt in out source destination
8717 1703K CONNMARK all -- any any anywhere anywhere CONNMARK restore
8717 1703K MultiWanPreHandler all -- any any anywhere anywhere
8657 1697K MultiWanDNS all -- any any anywhere anywhere
8505 1687K MultiWanRules all -- any any anywhere anywhere
8505 1687K MultiWanPostHandler all -- any any anywhere anywhere
8505 1687K MultiWanQoS all -- any any anywhere anywhere
Chain MultiWanDNS (1 references)
pkts bytes target prot opt in out source destination
0 0 FW1MARK tcp -- any any anywhere ns01.upclive.nl tcp dpt:53
38 2272 FW1MARK udp -- any any anywhere ns01.upclive.nl udp dpt:53
0 0 ACCEPT tcp -- any any anywhere ns01.upclive.nl tcp dpt:53
38 2272 ACCEPT udp -- any any anywhere ns01.upclive.nl udp dpt:53
0 0 FW1MARK tcp -- any any anywhere ns02.upclive.nl tcp dpt:53
50 3120 FW1MARK udp -- any any anywhere ns02.upclive.nl udp dpt:53
0 0 ACCEPT tcp -- any any anywhere ns02.upclive.nl tcp dpt:53
50 3120 ACCEPT udp -- any any anywhere ns02.upclive.nl udp dpt:53
0 0 FW2MARK tcp -- any any anywhere 192.168.32.254 tcp dpt:53
32 1910 FW2MARK udp -- any any anywhere 192.168.32.254 udp dpt:53
0 0 ACCEPT tcp -- any any anywhere 192.168.32.254 tcp dpt:53
32 1910 ACCEPT udp -- any any anywhere 192.168.32.254 udp dpt:53
Chain MultiWanPostHandler (1 references)
pkts bytes target prot opt in out source destination
167 14072 FW1MARK all -- any eth0.1 anywhere anywhere mark match 0x123
150 13124 FW2MARK all -- any eth0.2 anywhere anywhere mark match 0x123
Chain MultiWanPreHandler (1 references)
pkts bytes target prot opt in out source destination
466 161K FW1MARK all -- eth0.1 any anywhere anywhere state NEW
26 4920 FW2MARK all -- eth0.2 any anywhere anywhere state NEW
Chain MultiWanQoS (1 references)
pkts bytes target prot opt in out source destination
1709 257K MultiWanQoS_isp1 all -- any any anywhere anywhere mark match 0x10
0 0 MultiWanQoS_isp1 all -- any any anywhere anywhere mark match 0x11
0 0 MultiWanQoS_isp1 all -- any any anywhere anywhere mark match 0x12
0 0 MultiWanQoS_isp1 all -- any any anywhere anywhere mark match 0x13
0 0 MultiWanQoS_isp1 all -- any any anywhere anywhere mark match 0x14
524 56924 MultiWanQoS_isp2 all -- any any anywhere anywhere mark match 0x20
0 0 MultiWanQoS_isp2 all -- any any anywhere anywhere mark match 0x21
0 0 MultiWanQoS_isp2 all -- any any anywhere anywhere mark match 0x22
0 0 MultiWanQoS_isp2 all -- any any anywhere anywhere mark match 0x23
0 0 MultiWanQoS_isp2 all -- any any anywhere anywhere mark match 0x24
Chain MultiWanQoS_isp1 (5 references)
pkts bytes target prot opt in out source destination
1709 257K CONNMARK all -- any any anywhere anywhere CONNMARK restore
1709 257K MultiWanQoS_isp1_ct all -- any any anywhere anywhere mark match 0x10
0 0 MARK all -- any any anywhere anywhere mark match 0x11 length 400:65535 MARK and 0x0
0 0 MARK all -- any any anywhere anywhere mark match 0x12 length 800:65535 MARK and 0x0
550 176K MARK udp -- any any anywhere anywhere mark match 0x10 length 0:500 MARK set 0x2
1093 75012 MARK icmp -- any any anywhere anywhere MARK set 0x1
0 0 MARK tcp -- any any anywhere anywhere mark match 0x10 tcp spts:1024:65535 dpts:1024:65535 MARK set 0x4
0 0 MARK udp -- any any anywhere anywhere mark match 0x10 udp spts:1024:65535 dpts:1024:65535 MARK set 0x4
25 1300 MARK tcp -- any any anywhere anywhere length 0:128 mark match !0x14 tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN MARK set 0x1
0 0 MARK tcp -- any any anywhere anywhere length 0:128 mark match !0x14 tcp flags:FIN,SYN,RST,PSH,ACK,URG/ACK MARK set 0x1
Chain MultiWanQoS_isp1_ct (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- any any anywhere anywhere mark match 0x10 LAYER7 l7proto edonkey MARK set 0x4
0 0 MARK all -- any any anywhere anywhere mark match 0x10 LAYER7 l7proto bittorrent MARK set 0x4
0 0 MARK tcp -- any any anywhere anywhere mark match 0x10 tcp multiport ports 22,53 MARK set 0x1
41 4706 MARK udp -- any any anywhere anywhere mark match 0x10 udp multiport ports 22,53 MARK set 0x1
25 1300 MARK tcp -- any any anywhere anywhere mark match 0x10 tcp multiport ports 20,21,25,80,110,443,993,995 MARK set 0x3
0 0 MARK tcp -- any any anywhere anywhere mark match 0x10 tcp multiport ports 5190 MARK set 0x2
0 0 MARK udp -- any any anywhere anywhere mark match 0x10 udp multiport ports 5190 MARK set 0x2
1709 257K CONNMARK all -- any any anywhere anywhere CONNMARK save
Chain MultiWanQoS_isp2 (5 references)
pkts bytes target prot opt in out source destination
524 56924 CONNMARK all -- any any anywhere anywhere CONNMARK restore
524 56924 MultiWanQoS_isp2_ct all -- any any anywhere anywhere mark match 0x20
0 0 MARK all -- any any anywhere anywhere mark match 0x21 length 400:65535 MARK and 0x0
0 0 MARK all -- any any anywhere anywhere mark match 0x22 length 800:65535 MARK and 0x0
104 19680 MARK udp -- any any anywhere anywhere mark match 0x20 length 0:500 MARK set 0x2
393 33012 MARK icmp -- any any anywhere anywhere MARK set 0x1
0 0 MARK tcp -- any any anywhere anywhere mark match 0x20 tcp spts:1024:65535 dpts:1024:65535 MARK set 0x4
0 0 MARK udp -- any any anywhere anywhere mark match 0x20 udp spts:1024:65535 dpts:1024:65535 MARK set 0x4
12 624 MARK tcp -- any any anywhere anywhere length 0:128 mark match !0x24 tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN MARK set 0x1
0 0 MARK tcp -- any any anywhere anywhere length 0:128 mark match !0x24 tcp flags:FIN,SYN,RST,PSH,ACK,URG/ACK MARK set 0x1
Chain MultiWanQoS_isp2_ct (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- any any anywhere anywhere mark match 0x20 LAYER7 l7proto edonkey MARK set 0x4
0 0 MARK all -- any any anywhere anywhere mark match 0x20 LAYER7 l7proto bittorrent MARK set 0x4
0 0 MARK tcp -- any any anywhere anywhere mark match 0x20 tcp multiport ports 22,53 MARK set 0x1
15 3608 MARK udp -- any any anywhere anywhere mark match 0x20 udp multiport ports 22,53 MARK set 0x1
12 624 MARK tcp -- any any anywhere anywhere mark match 0x20 tcp multiport ports 20,21,25,80,110,443,993,995 MARK set 0x3
0 0 MARK tcp -- any any anywhere anywhere mark match 0x20 tcp multiport ports 5190 MARK set 0x2
0 0 MARK udp -- any any anywhere anywhere mark match 0x20 udp multiport ports 5190 MARK set 0x2
524 56924 CONNMARK all -- any any anywhere anywhere CONNMARK save
Chain MultiWanRules (1 references)
pkts bytes target prot opt in out source destination
0 0 FW1MARK tcp -- any any anywhere newsreader1.eweka.nl mark match 0x0 tcp dpt:119
0 0 FW1MARK udp -- any any anywhere newsreader1.eweka.nl mark match 0x0 udp dpt:119
0 0 FW2MARK tcp -- any any anywhere newsreader3.eweka.nl mark match 0x0 tcp dpt:119
0 0 FW2MARK udp -- any any anywhere newsreader3.eweka.nl mark match 0x0 udp dpt:119
742 61270 LoadBalancer all -- any any anywhere anywhere mark match 0x0
Thank you.