qos : Classification with tc+iptables for QoS on MTK_PANTHER

Description : For the tc classification, qos_postrouting
scheme has been chosen as the target in iptables.
This change set contains code changes for iptables
programming via qos.sh script modification for upstream
traffic classification on WAN port.

qosmngr/Makefile

@@ -27,7 +27,7 @@ define Package/qosmngr
   SECTION:=utils
   CATEGORY:=Utilities
   TITLE:=QoS Manager
-  DEPENDS:=@(TARGET_brcmbca||TARGET_airoha) +libuci +libubox +libubus +libblobmsg-json +libjson-c +libqos
+  DEPENDS:=@(TARGET_brcmbca||TARGET_airoha||TARGET_iopsys_mediatek) +libuci +libubox +libubus +libblobmsg-json +libjson-c +libqos
 endef
 
 define Package/qosmngr/description
@@ -60,4 +60,12 @@ define Package/qosmngr/install
 	$(call Package/qosmngr/install/common,$(1))
 endef
 endif
+
+ifeq ($(CONFIG_TARGET_iopsys_mediatek),y)
+define Package/qosmngr/install
+	$(CP) ./files/linux/* $(1)/
+	echo "Honoring the flag mediatek"
+	$(call Package/qosmngr/install/common,$(1))
+endef
+endif
 $(eval $(call BuildPackage,qosmngr))

qosmngr/files/linux/etc/uci-defaults/60-qos_queue_generate

@@ -0,0 +1,43 @@
+#!/bin/sh
+
+. /lib/functions.sh
+
+ethwan="$(db -q get hw.board.ethernetWanPort)"
+
+generate_queue(){
+	section="$1"
+
+	config_get ifname "$section" "ifname"
+
+	local no_of_q="0 1 2 3 4 5 6 7"
+
+	i=0
+	local total_q=$((${no_of_q##* } + 1))
+        for i in $no_of_q; do
+		order=$((total_q - i))
+		uci add qos queue
+		uci rename qos.@queue[-1]="q_${i}_${ifname}"
+		uci set qos.@queue[-1].enable="1"
+		uci set qos.@queue[-1].ifname="$ifname"
+		uci set qos.@queue[-1].precedence="$order"
+		uci set qos.@queue[-1].scheduling="SP"
+		uci set qos.@queue[-1].rate="1000000"
+		uci set qos.@queue[-1].burst_size="1500"
+		uci set qos.@queue[-1].weight="1"
+	done
+
+	uci commit qos
+}
+
+if [ -s "/etc/config/qos" ]; then
+	if uci -q get qos.@queue[0] >/dev/null; then
+		# return if there is any valid content
+		exit
+	else
+		rm -f /etc/config/qos
+	fi
+fi
+touch /etc/config/qos
+
+config_load ports
+config_foreach generate_queue ethport

qosmngr/files/linux/lib/qos/qos.sh

@@ -0,0 +1,688 @@
+#!/bin/sh
+. /lib/functions.sh
+#set -x
+
+IP_RULE=""
+MAJOR=""
+
+POLICER_COUNT=0
+Q_COUNT=0
+SP_Q_PRIO=7
+
+#counter variable to assign classify order value if not added in config
+temp_order=1
+
+# Function to handle a queue order and
+# update total number of queues
+handle_q_order() {
+	local qid="$1" #queue section ID
+
+	config_get is_enable "$qid" "enable" 1
+
+	# No need to configure disabled queues
+	if [ $is_enable == '0' ]; then
+		return
+	fi
+
+	config_get ifname "$qid" "ifname"
+	# If ifname is empty that is good enough to break
+	if [ -z "$ifname" ];then
+		return
+	fi
+
+	# Create precedence file containing queue order per
+	# interface.
+	local precedence_file="/tmp/qos/$ifname/q_order"
+	local q_no=$(cat /tmp/qos/$ifname/q_idx)
+
+	config_get precedence "$qid" "precedence"
+	value=${precedence}_q${q_no}
+	echo $value >> $precedence_file
+
+	# Update the number of queues per interface.
+	q_no=$((q_no + 1))
+	echo $q_no > /tmp/qos/$ifname/q_idx
+}
+
+# Sort queue, lower value in uci means higher precedence, so this
+# function sorts the precedence in decending order
+sort_q_by_precedence() {
+	ifname="$1"
+
+	local order_file="/tmp/qos/$ifname/q_order"
+	local tmp_order_file="/tmp/qos/$ifname/q_order.tmp"
+
+	sort -n -k1 $order_file > $tmp_order_file
+	cp $tmp_order_file $order_file
+	rm -f $tmp_order_file
+}
+
+sort_by_precedence() {
+	for interf in $(db -q get hw.board.ethernetPortOrder); do
+		sort_q_by_precedence $interf
+	done
+}
+
+# function to handle a queue section
+handle_queue() {
+	local qid="$1" #queue section ID
+	local port="$2"
+	local port_bw="$3"
+	local root="$4"
+	local port_bs="$5"
+
+	config_get is_enable "$qid" "enable"
+
+	# no need to configure disabled queues
+	if [ "$is_enable" == "0" ]; then
+		return
+	fi
+
+	config_get ifname "$qid" "ifname"
+	# if ifname is empty that is good enough to break
+	if [ -z "$ifname" ];then
+		return
+	fi
+
+	# This is to get the qid per interface.
+	if [ "$port" != "$ifname" ]; then
+		return
+	fi
+
+	local precedence_file="/tmp/qos/$ifname/q_order"
+
+	local temp_order=0
+	while read -r line; do
+		line_qid=${line: -1}
+		if [ "$line_qid" == "$Q_COUNT" ]; then
+			break
+		fi
+		temp_order=$((temp_order + 1))
+	done < "$precedence_file"
+
+	# precedence_file so the order is calculated accordingly.
+	local order=`expr $SP_Q_PRIO - $temp_order`
+
+	config_get sc_alg "$qid" "scheduling"
+	config_get wgt "$qid" "weight" 1
+	config_get rate "$qid" "rate"
+	config_get bs "$qid" "burst_size"
+	config_get qsize "$qid" "queue_size" 1024
+
+	[ "$rate" == "0" ] && rate="$port_bw"
+	[ "$bs" == "0" ] && bs="$port_bs"
+
+	local salg=1
+
+	case "$sc_alg" in
+		"SP") salg=1
+		;;
+		"WRR") salg=2
+		;;
+		"WDRR") salg=3
+		;;
+		"WFQ") salg=4
+		;;
+	esac
+
+	# ignore precedence value in case of WRR, broadcom recommends that WRR queue should
+	# always have precedence value set to 0
+	if [ $salg -eq 2 ]; then
+	       order=0
+	fi
+
+	if [ $salg -eq 2 ]; then
+		tc class add dev $port parent ${root}: classid ${root}:$((order + 1)) cbq allot $bs bandwidth ${port_bw}kbit rate ${rate}kbit prio $order weight $wgt  avpkt 1500 bounded isolated
+	else
+		tc class add dev $port parent ${root}: classid ${root}:$((order + 1)) cbq allot $bs bandwidth ${port_bw}kbit rate ${rate}kbit prio $order  avpkt 1500 bounded isolated
+	fi
+	
+	 if [ $order -eq 0 ]; then
+		# By default flowid is targeted to queue 1.
+		tc filter add dev $port parent ${root}:0 protocol ip prio 1 u32 match u32 0 0  flowid ${root}:0
+	 fi
+
+	Q_COUNT=$((Q_COUNT + 1))
+}
+
+#function to handle a policer section
+handle_policer() {
+	local p_sec="$1" # policer section ID
+	local dir=1 # default direction, upstream
+
+	config_get is_enable "$p_sec" "enable"
+
+	#no need to configure disabled policer
+	if [ $is_enable == '0' ]; then
+		return
+	fi
+
+	POLICER_COUNT=$((POLICER_COUNT + 1))
+}
+
+setup_qos() {
+	if [ ! -d "/tmp/qos" ]; then
+		mkdir -p /tmp/qos
+	fi
+
+	ebtables -t broute -N qos
+	ret=$?
+	if [ $ret -eq 0 ]; then
+		ebtables -t broute -I BROUTING -j qos
+	else
+		ebtables -t broute -D BROUTING -j qos
+		ebtables -t broute -I BROUTING -j qos
+	fi
+
+	iptables -w -t mangle -N qos_forward
+	ret=$?
+	[ $ret -eq 0 ] && iptables -w -t mangle -I FORWARD -j qos_forward
+
+	iptables -w -t mangle -N qos_output
+	ret=$?
+	[ $ret -eq 0 ] && iptables -w -t mangle -I OUTPUT -j qos_output
+
+	iptables -w -t mangle -N qos_postrouting
+	ret=$?
+	[ $ret -eq 0 ] && iptables -w -t mangle -I POSTROUTING -j qos_postrouting
+
+	ip6tables -t mangle -N qos_forward
+	ret=$?
+	[ $ret -eq 0 ] && ip6tables -t mangle -I FORWARD -j qos_forward
+
+	ip6tables -t mangle -N qos_output
+	ret=$?
+	[ $ret -eq 0 ] && ip6tables -t mangle -I OUTPUT -j qos_output
+	
+	ip6tables -w -t mangle -N qos_postrouting
+	ret=$?
+	[ $ret -eq 0 ] && ip6tables -w -t mangle -I POSTROUTING -j qos_postrouting
+}
+
+flush_chains() {
+        echo "iptables -w -t mangle -F qos_forward" > /tmp/qos/classify.iptables
+        echo "iptables -w -t mangle -F qos_output" >> /tmp/qos/classify.iptables
+        echo "iptables -w -t mangle -F qos_postrouting" >> /tmp/qos/classify.iptables
+
+        echo "ip6tables -w -t mangle -F qos_forward" > /tmp/qos/classify.ip6tables
+        echo "ip6tables -w -t mangle -F qos_output" >> /tmp/qos/classify.ip6tables
+        echo "ip6tables -w -t mangle -F qos_postrouting" >> /tmp/qos/classify.ip6tables
+}
+
+init_iptables_rule() {
+        IP_RULE=""
+}
+
+iptables_filter_intf() {
+        IP_RULE="$IP_RULE -o $1"
+}
+
+iptables_filter_proto() {
+        IP_RULE="$IP_RULE -p $1"
+}
+
+iptables_filter_ip_src() {
+        IP_RULE="$IP_RULE -s $1"
+}
+
+iptables_filter_ip_dest() {
+        IP_RULE="$IP_RULE -d $1"
+}
+
+iptables_filter_port_dest() {
+        IP_RULE="$IP_RULE --dport $1"
+}
+
+iptables_filter_port_src() {
+        IP_RULE="$IP_RULE --sport $1"
+}
+
+iptables_filter_port_dest_range() {
+        IP_RULE="$IP_RULE --dport $1:$2"
+}
+
+iptables_filter_port_src_range() {
+        IP_RULE="$IP_RULE --sport $1:$2"
+}
+
+iptables_filter_dscp_filter() {
+        IP_RULE="$IP_RULE -m dscp --dscp $1"
+}
+
+iptables_filter_ip_len_min() {
+        IP_RULE="$IP_RULE -m length --length $1"
+}
+
+iptables_filter_ip_len_max() {
+        IP_RULE="$IP_RULE:$1"
+}
+
+iptables_set_dscp_mark() {
+        IP_RULE="$IP_RULE -j DSCP --set-dscp $1"
+}
+
+iptables_set_traffic_class() {
+        IP_RULE="$IP_RULE  -j CLASSIFY --set-class ${MAJOR}:$1"
+}
+
+append_rule_to_mangle_table() {
+        if [ $2 == 4 ]; then
+                echo "iptables -w -t mangle -A $1 $IP_RULE"  >> /tmp/qos/classify.iptables
+        elif [ $2 == 6 ]; then
+                echo "ip6tables -w -t mangle -A $1 $IP_RULE" >> /tmp/qos/classify.ip6tables
+        elif [ $2 == 1 ]; then
+                echo "iptables -w -t mangle -A $1 $IP_RULE"  >> /tmp/qos/classify.iptables
+                echo "ip6tables -w -t mangle -A $1 $IP_RULE" >> /tmp/qos/classify.ip6tables
+        fi
+}
+
+handle_iptables_rules() {
+        cid=$1
+        local ip_version=0
+        local is_l3_rule=0
+
+        init_iptables_rule
+        config_get proto "$cid" "proto"
+        config_get traffic_class "$cid" "traffic_class"
+        config_get dscp_mark "$cid" "dscp_mark"
+        config_get dscp_filter "$cid" "dscp_filter"
+        config_get dest_port "$cid" "dest_port"
+        config_get dest_port_range "$cid" "dest_port_range"
+        config_get src_port "$cid" "src_port"
+        config_get src_port_range "$cid" "src_port_range"
+        config_get dest_ip "$cid" "dest_ip"
+        config_get src_ip "$cid" "src_ip"
+        config_get ip_len_min "$cid" "ip_len_min"
+        config_get ip_len_max "$cid" "ip_len_max"
+        config_get ifname "$cid" "ifname"
+
+        #check version of ip
+        case $src_ip$dest_ip in
+                *.*)
+                        ip_version=4
+                        ;;
+                *:*)
+                        ip_version=6
+                        ;;
+                *)
+                        ip_version=1 #ip address not used
+        esac
+
+        #filter interface
+        if [ -n "$ifname" ]; then
+                if [ "$ifname" != "lo" ]; then
+                        iptables_filter_intf $ifname
+                fi
+        fi
+
+        # filter proto
+        if [ -n "$proto" ]; then
+                iptables_filter_proto $proto
+                is_l3_rule=1
+        fi
+
+        #filter src. ip
+        if [ -n "$src_ip" ]; then
+                iptables_filter_ip_src $src_ip
+                is_l3_rule=1
+        fi
+
+        #filter dest. ip
+        if [ -n "$dest_ip" ]; then
+                iptables_filter_ip_dest $dest_ip
+                is_l3_rule=1
+        fi
+
+        #filter dest. port
+        if [ -n "$dest_port" -a -z "$dest_port_range" ]; then
+                iptables_filter_port_dest $dest_port
+                is_l3_rule=1
+        fi
+        #filter src. port
+        if [ -n "$src_port" -a -z "$src_port_range" ]; then
+                iptables_filter_port_src $src_port
+                is_l3_rule=1
+        fi
+
+        #filter dest. port range
+        if [ -n "$dest_port" -a -n "$dest_port_range" ]; then
+                iptables_filter_port_dest_range $dest_port $dest_port_range
+                is_l3_rule=1
+        fi
+
+        #filter src. port range
+        if [ -n "$src_port" -a -n "$src_port_range" ]; then
+                iptables_filter_port_src_range $src_port $src_port_range
+                is_l3_rule=1
+        fi
+
+        #filter dscp
+        if [ -n "$dscp_filter" ]; then
+                iptables_filter_dscp_filter $dscp_filter
+                is_l3_rule=1
+        fi
+
+        #filter min. IP packet len.
+        if [ -n "$ip_len_min" ]; then
+                iptables_filter_ip_len_min $ip_len_min
+                is_l3_rule=1
+        fi
+        #filter max. IP packet len.
+        if [ -n "$ip_len_max" ]; then
+                iptables_filter_ip_len_max $ip_len_max
+                is_l3_rule=1
+        fi
+
+        if [ $is_l3_rule -eq 0 ]; then
+                return
+        fi
+
+        #set dscp mark
+        [ -n "$dscp_mark" ] && iptables_set_dscp_mark $dscp_mark
+
+        #set packet queue mark
+        [ -n "$traffic_class" ] && iptables_set_traffic_class  $traffic_class
+
+        #write iptables rule for dscp marking
+        [ -n "$IP_RULE" -a -n "$dscp_mark" ] && append_rule_to_mangle_table "qos_forward" $ip_version
+
+        if [ -n "$IP_RULE" -a -n "$traffic_class" ]; then
+                if [ "$ifname" == "lo" ]; then
+                        #write iptables rule for putting WAN directed internal packets in different queue
+                        append_rule_to_mangle_table "qos_output" $ip_version
+                else
+                        #write iptables rule for putting WAN directed LAN packets in different queue
+                        append_rule_to_mangle_table "qos_postrouting" $ip_version
+                fi
+        fi
+}
+
+handle_policer_rules() {
+	local c_sec=$1
+	local policer_name
+	local ifname
+	local pname
+	local pindex=-1
+	local ingress_rate=0
+	local in_burst_size=0
+
+	config_get policer_name "$c_sec" "policer"
+	if [ -z "$policer_name" ];then
+		# no need to apply policer if policer not present in this
+		# classification rule
+		return
+	fi
+
+	config_get ifname "$c_sec" "ifname"
+	if [ -z "$ifname" ]; then
+		# cannot associate policer as interface is not mentioned
+		return
+	fi
+
+	local i=0
+	local max_policer_inst=$(cat /tmp/qos/max_policer_inst)
+	while :
+	do
+		if [ $i -eq $max_policer_inst ]; then
+			break
+		fi
+
+		pname="$(uci -q get qos.@policer[$i].name)"
+		if [ "$policer_name" == "$pname" ]; then
+			pindex=$i
+			ingress_rate=$(uci -q get qos.@policer[$i].committed_rate)
+			in_burst_rate=$(uci -q get qos.@policer[$i].committed_burst_size)
+			break
+		fi
+		i=$((i + 1))
+	done
+
+	if [ $pindex -lt 0 ]; then
+		# policer not found, no need to proceed further
+		return
+	fi
+
+	config_ingress_rate_limit $ifname $ingress_rate $in_burst_size $pindex
+
+}
+
+config_ingress_rate_limit() {
+	local ifname="$1"
+	local ingress_rate=$2
+	local in_burst_size=$3
+	local pindex="$4"
+	local wanport="$(db -q get hw.board.ethernetWanPort)"
+
+	# Unit in uci file is in bps while that accepted by ethswctl is kbits
+	if [ $ingress_rate -lt 1000 ]; then
+		return
+	fi
+
+	ingress_rate=$((ingress_rate / 1000))
+
+	if [ $in_burst_size -eq 0 ]; then
+		in_burst_size=$ingress_rate
+	else
+		in_burst_size=$((in_burst_size / 1000))
+	fi
+
+	tc qdisc add dev $ifname ingress
+
+	tc filter add dev $ifname parent ffff: protocol ip prio $pindex u32 match ip src 0.0.0.0/0 police rate ${ingress_rate}kbit burst $in_burst_size drop flowid :$pindex
+
+}
+
+# Function to handle a classify order
+handle_classify_order() {
+        local cid="$1" #classify section ID
+
+        config_get is_enable "$cid" "enable" 1
+
+        # No need to configure disabled classify
+        if [ $is_enable == '0' ]; then
+                return
+        fi
+
+        # Create classify file containing classify order
+        local corder_file="/tmp/qos/classify.order"
+
+        config_get c_order "$cid" "order"
+
+        if [ -z "$c_order" ]; then
+           c_order=$temp_order;
+           temp_order=$((temp_order + 1))
+        fi
+
+        value=${c_order}_${cid}
+        echo $value >> $corder_file
+
+}
+
+# Sort classify, lower value in uci means higher precedence, so this
+# function sorts the classify order in assending order
+sort_classify_by_order() {
+        local corder_file="/tmp/qos/classify.order"
+        local tmp_corder_file="/tmp/qos/tmp_classify.order"
+
+        sort -n -k1 $corder_file > $tmp_corder_file
+        cp $tmp_corder_file $corder_file
+        rm -f $tmp_corder_file
+}
+
+#function to handle a classify section
+handle_classify() {
+        cid="$1" #classify section ID
+
+        config_get is_enable "$cid" "enable"
+        # no need to configure disabled classify rules
+        if [ "$is_enable" == '0' ]; then
+                return
+        fi
+	handle_iptables_rules $cid
+        handle_policer_rules $cid
+}
+
+configure_classify() {
+        #processing classify section
+        rm -f /tmp/qos/classify.iptables
+        rm -f /tmp/qos/classify.ip6tables
+
+        # create files that will contain the rules if not present already
+        mkdir -p /tmp/qos/
+        touch /tmp/qos/classify.iptables
+        touch /tmp/qos/classify.ip6tables
+
+	flush_chains
+
+        # Load UCI file
+        config_load qos
+	config_foreach handle_classify_order classify
+	sort_classify_by_order
+        config_foreach handle_classify classify
+
+        sh /tmp/qos/classify.iptables
+        sh /tmp/qos/classify.ip6tables
+
+}
+
+pre_configure_queue() {
+	# Delete queues
+	for intf in $(db get hw.board.ethernetPortOrder); do
+		rm -rf /tmp/qos/$intf
+
+		mkdir -p /tmp/qos/$intf
+		touch /tmp/qos/$intf/q_order
+		touch /tmp/qos/$intf/q_idx
+		echo 0 > /tmp/qos/$intf/q_idx
+
+		tc qdisc del dev $intf root
+		tc qdisc del dev $intf ingress
+	done
+}
+
+get_link_rate() {                     
+        intf="$1"              
+        speed=0   
+        config_load ports               
+        get_speed() {
+                psid="$1"                     
+                iname="$2"
+                config_load ports             
+                config_get ifname "$psid" "ifname"
+                if [ "$ifname" == "$iname" ]; then
+                        config_get speed "$psid" "speed"
+                fi
+        }                                
+        config_foreach get_speed ethport $intf           
+        echo "$speed"           
+}                   
+
+configure_queue() {
+	qdisc_idx=0
+	local bs=1500
+	local rate=0
+	# Load UCI file
+	config_load qos
+	config_foreach handle_q_order queue
+	sort_by_precedence
+
+	get_intf_shaper_config() {
+		local b_size
+		sid="$1" #shaper section ID
+
+		config_get is_enable "$sid" "enable"
+		# no need to configure disabled queues
+		if [ "$is_enable" == "0" ]; then
+			return
+		fi
+
+
+		config_get ifname "$sid" "ifname"
+		# if ifname is empty that is good enough to break
+		if [ -z "$ifname" ] || ! [ "$ifname" == "$2" ];then
+			return
+		fi
+
+		config_get rate "$sid" "rate"
+		# Convert the rate from bps to kbps.
+		if [ $rate -lt 1000 ];then
+			return
+		fi
+
+		rate=$(( rate / 1000 ))
+		config_get b_size "$sid" "burst_size"
+		if [ "$b_size" == "0" ]; then
+			bs="$b_size"
+		fi
+	}
+	local wanport="$(db -q get hw.board.ethernetWanPort)"
+	for interf in $(db -q get hw.board.ethernetPortOrder); do
+		Q_COUNT=0
+		rate=0
+		# sp queue have max priority value = no. of queue configured on the port
+		# hence read and update SP_Q_PRIO here
+		local q_no=$(cat /tmp/qos/$interf/q_idx)
+		SP_Q_PRIO=`expr $q_no - 1`
+		qdisc_idx=`expr $qdisc_idx + 1`
+		# link_rate is in mbps and rate is in kbp
+		link_rate=$(get_link_rate "$interf")
+		# Read the shaper configuration for interface
+		config_foreach get_intf_shaper_config shaper $interf
+		if [ "$rate" == "0" ]; then
+			rate=$(( link_rate * 1000 ))
+		fi
+
+		# TODO using 1500 as allot and avpkt, if shaper config exist for interf get burst_size of shaper for actual value
+		tc qdisc add dev $interf root handle ${qdisc_idx}: cbq allot $bs  avpkt 1500 bandwidth ${rate}kbit
+		if [ "$interf" == "$wanport" ]; then
+			MAJOR="$qdisc_idx"
+		fi
+
+		config_foreach handle_queue queue $interf $rate $qdisc_idx $bs
+	done
+}
+
+configure_policer() {
+
+        # Delete policer
+        local i=0
+        local max_p_inst=0
+        if [ -f "/tmp/qos/max_policer_inst" ]; then
+                max_p_inst=$(cat /tmp/qos/max_policer_inst)
+        fi
+
+        # reset the policer counter
+        echo 0 > /tmp/qos/max_policer_inst
+        # Load UCI file
+        config_load qos
+        config_foreach handle_policer policer
+        echo $POLICER_COUNT > /tmp/qos/max_policer_inst
+}
+
+
+configure_qos() {
+	pre_configure_queue
+	configure_queue
+	configure_classify
+	configure_policer
+}
+
+reload_qos() {
+	local service_name="$1"
+
+	if [ -z "$service_name" ]; then
+		configure_qos
+	elif [ "$service_name" == "queue" ]; then
+		pre_configure_queue
+		configure_queue
+        elif [ "$service_name" == "classify" ]; then
+                configure_classify
+	elif [ "$service_name" == "policer" ]; then
+		configure_policer
+	fi
+}
+
+reload_qos_service() {
+	reload_qos
+}
+