SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0002740: QoS not working - MantisBT Endian Bugtracker
Endian Issue Tracker





Please see now our new Bugtracker system: JIRA








View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0002740Endian FirewallNetwork related (VPN, uplinks)public2010-03-02 11:562010-11-22 12:08
Reportermvrk 
Assigned Tora-endian 
PrioritynormalSeveritymajorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version2.3 
Target VersionFixed in Version2.4.1 
Summary0002740: QoS not working
DescriptionI've configured QoS rules on my EFW 2.3, but is not working.

I've tried to restart the service manualy and i got this errors:

/usr/local/bin/restartqos.py
2010-02-09 17:19:53,808 - restartqos.py[10970] - ERROR - Migration has to be fixed!!!
2010-02-09 17:19:53,809 - restartqos.py[10970] - INFO - Loading configuration
2010-02-09 17:19:53,828 - restartqos.py[10970] - ERROR - RETURNCODE [iptables -t mangle -N QOS 2> /dev/null] 1
2010-02-09 17:19:53,871 - restartqos.py[10970] - INFO - Setting QOS of device: eth2 [UPLOAD=1024, DOWNLOAD=30720]
2010-02-09 17:19:53,899 - restartqos.py[10970] - ERROR - RETURNCODE [iptables -t mangle -N QOS_ETH2 2> /dev/null] 1
2010-02-09 17:19:53,926 - restartqos.py[10970] - ERROR - RETURNCODE [iptables -t mangle -D QOS -o eth2 -j QOS_ETH2 2> /dev/null] 1
TagsNo tags attached.
Attached Fileszip file icon shaping.zip [^] (760 bytes) 2010-03-04 14:37

- Relationships

-  Notes
(0003896)
clst (reporter)
2010-03-03 12:05

Same problem: EFW 2.3 fully updated:

root@endian:/usr/local/bin # ./restartqos
2010-03-03 12:29:26,798 - restartqos.py[26248] - ERROR - Migration has to be fixed!!!
2010-03-03 12:29:26,814 - restartqos.py[26248] - INFO - Loading configuration
2010-03-03 12:29:26,918 - restartqos.py[26248] - ERROR - RETURNCODE [iptables -t mangle -N QOS 2> /dev/null] 1
2010-03-03 12:29:27,002 - restartqos.py[26248] - INFO - Setting QOS of device: eth5 [UPLOAD=2300, DOWNLOAD=2300]
2010-03-03 12:29:27,062 - restartqos.py[26248] - ERROR - RETURNCODE [iptables -t mangle -N QOS_ETH5 2> /dev/null] 1
2010-03-03 12:29:27,115 - restartqos.py[26248] - ERROR - RETURNCODE [iptables -t mangle -D QOS -o eth5 -j QOS_ETH5 2> /dev/null] 1
Skipping invalid rule: {'inputdev': '', 'protocol': '', 'src': '', 'tos': '', 'dst': '', 'dscp_class': '', 'dscp': '', 'classname': 'class0002', 'mac': '', 'dport': '', 'sport': ''}
Skipping invalid rule: {'inputdev': '', 'protocol': '', 'src': '', 'tos': '', 'dst': '', 'dscp_class': '', 'dscp': '', 'classname': 'class0002', 'mac': '', 'dport': '', 'sport': ''}
Skipping invalid rule: {'inputdev': '', 'protocol': '', 'src': '', 'tos': '', 'dst': '', 'dscp_class': '', 'dscp': '', 'classname': 'class0001', 'mac': '', 'dport': '80', 'sport': ''}
Skipping invalid rule: {'inputdev': '', 'protocol': '', 'src': '', 'tos': '', 'dst': '', 'dscp_class': '', 'dscp': '', 'classname': 'class0001', 'mac': '', 'dport': '443', 'sport': ''}
Skipping invalid rule: {'inputdev': '', 'protocol': '', 'src': '', 'tos': '', 'dst': '', 'dscp_class': '', 'dscp': '', 'classname': 'class0001', 'mac': '', 'dport': '2000', 'sport': ''}
(0003910)
peter-endian (administrator)
2010-03-04 12:07

those error lines are because the command returns with exitcode != 0. since those commands should faild when the chain already exist, it's ok.
we will hide those messages in future.

as of the Skipping invalid rule:
Those rules do not have set any target device, therefore they will be skipped.
You can fix this by editing the rules and assigning a target device / class.

I am wondering how this happened. Did you restore from a backup or created those rules?
(0003915)
clst (reporter)
2010-03-04 14:05
edited on: 2010-03-04 14:34

No, the only thing I did was change the Line Speeds for the Uplink.

I did not check the log before so I cannot say since when these errors show up.

Everything looks ok, in the web-interface... I will check all entries and report back.

EDIT: Apparently those are rules are OK in the web interface. I changed my rules and the same errors still come up.

(0003917)
clst (reporter)
2010-03-04 14:36
edited on: 2010-03-04 14:42

As my rules are no big secret I have packed my /var/ef/shaping directory. I fail to see any errors...
The messages obviously come from the NetViewer line.

Here is the relevant Output of iptables -L -t mangle:

Chain QOS (1 references)
target prot opt source destination
QOS_ETH5 all -- anywhere anywhere

Chain QOS_ETH5 (1 references)
target prot opt source destination
CLASSIFY all -- 192.168.100.200 anywhere CLASSIFY set 2:3
CLASSIFY all -- 192.168.100.201 anywhere CLASSIFY set 2:3
CLASSIFY all -- 192.168.100.203 anywhere CLASSIFY set 2:3
CLASSIFY all -- 192.168.100.186 anywhere CLASSIFY set 2:3
           all -- anywhere anywhere
CLASSIFY all -- anywhere 192.168.100.200 CLASSIFY set 2:3
CLASSIFY all -- anywhere 192.168.100.201 CLASSIFY set 2:3
CLASSIFY all -- anywhere 192.168.100.203 CLASSIFY set 2:3
CLASSIFY all -- anywhere 192.168.100.186 CLASSIFY set 2:3
           all -- anywhere anywhere
CLASSIFY all -- anywhere 82.98.68.64/27 CLASSIFY set 2:2
CLASSIFY all -- anywhere 82.98.68.64/27 CLASSIFY set 2:2
CLASSIFY all -- anywhere 82.98.68.64/27 CLASSIFY set 2:2
CLASSIFY all -- anywhere 217.79.214.0/26 CLASSIFY set 2:2
CLASSIFY all -- anywhere 217.79.214.0/26 CLASSIFY set 2:2
CLASSIFY all -- anywhere 217.79.214.0/26 CLASSIFY set 2:2
           all -- anywhere anywhere
           all -- anywhere anywhere
           all -- anywhere anywhere
CLASSIFY tcp -- anywhere anywhere tcp dpt:openvpn CLASSIFY set 2:2
CLASSIFY udp -- anywhere anywhere udp dpt:openvpn CLASSIFY set 2:2
CLASSIFY tcp -- anywhere anywhere tcp dpt:liberty-lm CLASSIFY set 2:2
CLASSIFY udp -- anywhere anywhere udp dpt:liberty-lm CLASSIFY set 2:2
CLASSIFY tcp -- anywhere anywhere tcp dpt:http CLASSIFY set 2:5

(0004032)
clst (reporter)
2010-03-15 14:57

Did anyone have the time to look at it yet?

- Issue History
Date Modified Username Field Change
2010-03-02 11:56 mvrk New Issue
2010-03-03 12:05 clst Note Added: 0003896
2010-03-04 12:07 peter-endian Note Added: 0003910
2010-03-04 12:07 peter-endian Status new => feedback
2010-03-04 14:05 clst Note Added: 0003915
2010-03-04 14:34 clst Note Edited: 0003915
2010-03-04 14:36 clst Note Added: 0003917
2010-03-04 14:37 clst File Added: shaping.zip
2010-03-04 14:42 clst Note Edited: 0003917
2010-03-15 14:57 clst Note Added: 0004032
2010-03-18 10:47 ra-endian Status feedback => resolved
2010-03-18 10:47 ra-endian Fixed in Version => 2.3.1
2010-03-18 10:47 ra-endian Resolution open => fixed
2010-03-18 10:47 ra-endian Assigned To => ra-endian
2010-11-22 12:08 peter-endian Fixed in Version 2.3.1 => 2.4.1
2010-11-22 12:08 peter-endian Status resolved => closed

Copyright © 2005-2008 Endian, SRL. All rights reserved.


Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker