QoS over Nftables (This packages is merged upstream, please visit openwrt/packages and openwrt/luci for more detail)
nft-qos and luci-app-nft-qos is a qos implementation over nftables project on OpenWrt and LuCI.
NOTE!!! This packages is merged upstream, please visit openwrt/packages and openwrt/luci for more details.
Bug Report : https://github.com/rosywrt/nft-qos/issues
QQ Gourp : 428742246
Luci-app-nft-qos / nft-qos : Copyright 2018 RosyWrt
Licensed under the Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
Please document which order precedence the priority numbering works.
Is 1 highest priority or 11 highest priority?
Anybody a Idea
I don't want limit local subnets only external source IPs like my IPTables Example
TC=/sbin/tc
IFETH=ens3 # Interface
$TC qdisc add dev $IFETH root handle 1: htb
$TC class add dev $IFETH parent 1:0 classid 1:5 htb rate 5mbit
$TC filter add dev $IFETH parent 1:0 protocol ip handle 5 fw flowid 1:5
/usr/sbin/iptables-legacy -A OUTPUT -t mangle -p tcp -d 0.0.0.0/0 -j MARK --set-mark 6
/usr/sbin/iptables-legacy -A OUTPUT -t mangle -p tcp -d 10.0.0.0/8 -j MARK --set-mark 2
/usr/sbin/iptables-legacy -A OUTPUT -t mangle -p tcp -d 192.168.0.0/16 -j MARK --set-mark 2
I want a kind of mark or priority to except my local Clients from the world to limit the outbound traffic.
I found this Table .... it works to limit all uploaded traffic...
table inet nft-qos-static {
define PRIVATE = {
192.168.0.0/16,
127.0.0.1,
10.0.0.0/8
}
chain local {
type filter hook prerouting priority 0; policy accept;
#ip protocol tcp ip saddr $PRIVATE limit rate over 10100 kbytes/second drop
}
chain upload {
type filter hook prerouting priority 1; policy accept;
ip protocol tcp ip saddr $PRIVATE limit rate over 51100 kbytes/second drop
ip protocol tcp limit rate over 2100 kbytes/second drop
}
chain download {
type filter hook postrouting priority 0; policy accept;
}
}
table netdev nft-qos-priority {
chain filter {
type filter hook ingress device ens3 priority 0; policy accept;
}
}
Hi, the global static rate limit is not working, although the specific rate limit is working flawless!
In image above you can check that ip 192.168.0.105 is uploading beyond the 1 Mbytes/s set
I checked the device upload speed it's reaching 45 mbits/s (it's the Max Bandwidth)
Can I provide more info? How?
不是很明白设置优先服务是用什么过滤的
Hi,
我编译了 Openwrt 19.07 版本, 并选择了 nft-qos.
在WEB 启动了 nft-qos 里的静态模式, 上传与下载速度都是 50KB/s (或者改成其它数值), 如下图, 无论数值改多少, 上传或者下载限速都无效:
后来, 我只能添加我手机的 WIFI IP 地址到路由器里, 如下图, 这时候我的手机才被限速(正常).
我想问的是, 静态模式能否不填写具体的客户端 IP 地址限速(只填写默认上传与下载速度), 或者可填写某网段(比如 192.168.1.0/24) 进行限速?
当前需要为每客户端添加 IP, 限速才有效, 太麻烦啦.
Please Help, I get following error when opening Luci - Services - Qos Over Nftables
/usr/lib/lua/luci/cbi.lua:869: Cannot assign option to not existing tab "limitmac"
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/cbi.lua:869: in function 'taboption'
/usr/lib/lua/luci/model/cbi/nft-qos/nft-qos.lua:230: in function 'func'
/usr/lib/lua/luci/cbi.lua:66: in function 'load'
/usr/lib/lua/luci/dispatcher.lua:1353: in function '_cbi'
/usr/lib/lua/luci/dispatcher.lua:1024: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:479: in function </usr/lib/lua/luci/dispatcher.lua:478>
Please help
In dynamic Limit Type cannot set speeds in kbps.
I have slow connection in upload ....only 809kbps and download 17345kbps.
So i can not set up it...it accepts only in Mbps at least 1 Mbps.
Can you add function for bufferbloat?
Etc. like SQM piece_of_cake script and prioritize by protocol,address,ports?
Full bandwidth is available although it should be limited. Static rate limiting does work fine.
config default 'default'
option priority_enable '0'
option limit_enable '1'
option limit_type 'dynamic'
option dynamic_bw_down '10'
option dynamic_bw_up '1'
option dynamic_cidr '192.168.1.0/24'
OpenWrt 19.07-SNAPSHOT, r10269-5100629e32
kokang@compaq:/openwrt-18.06.1$ ./scripts/feeds update -a/openwrt-18.06.1$ ./scripts/feeds install -a
Updating feed 'packages' from 'https://git.openwrt.org/feed/packages.git^35e0b737ab496f5b51e80079b0d8c9b442e223f5' ...
Create index file './feeds/packages.index'
Updating feed 'luci' from 'https://git.openwrt.org/project/luci.git^f64b1523447547032d5280fb0bcdde570f2ca913' ...
Create index file './feeds/luci.index'
Updating feed 'routing' from 'https://git.openwrt.org/feed/routing.git^1b9d1c419f0ecefda51922a7845ab2183d6acd76' ...
Create index file './feeds/routing.index'
Updating feed 'telephony' from 'https://git.openwrt.org/feed/telephony.git^b9d7b321d15a44c5abb9e5d43a4ec78abfd9031b' ...
Create index file './feeds/telephony.index'
kokang@compaq:
WARNING: Makefile 'package/kokang/nft-qos/Makefile' has a dependency on 'kmod-nft-netdev', which does not exist
Installing all packages from feed packages.
Installing all packages from feed luci.
Installing all packages from feed routing.
Installing all packages from feed telephony.
When I search nft-qos result shows there is nothing
I don't know how should I install it
there is nftable but it seems doesn't have luci
config:
config default 'default'
option limit_enable '1'
option limit_type 'static'
option static_rate_dl '50'
option static_unit_dl 'kbytes'
option static_rate_ul '50'
option static_unit_ul 'kbytes'
option priority_enable '1'
option priority_netdev 'lan'
config upload
option rate '50'
option unit 'kbytes'
option hostname 'macbook'
option ipaddr '192.168.16.218'
config download
option hostname 'macbook'
option ipaddr '192.168.16.218'
option rate '2'
option unit 'mbytes'
i have problem while direct add device from command line in ssh with nano. data successfully add but limit not work. but if i add from luci, both work perfect.
Speed limit does not work when running any VPN, whether passwall or openclash
Model | CJ-Hello HYC-G920
Architecture | MediaTek MT7621 ver:1 eco:3
Firmware Version | LuCI openwrt-22.03 branch git-23.093.57104-ce20b4a
Kernel Version | 5.10.176
I installed Luci-app-nft-QoS with all its dependencies, but the static limit is not working at all, dynamic is working fine tho. when I removed the pkg and installed it again I noticed these errors
Error: Could not process rule: Resource busy
add chain inet nft-qos-monitor upload { type filter hook postrouting priority 0; }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Error: Could not process rule: Resource busy
add chain inet nft-qos-monitor download { type filter hook prerouting priority 0; }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I am on OpenWrt 19.07.4. any help?
.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.