[MIRROR] OpenWrt QoS implementation based on eBPF + CAKE

Felix Fietkau 1501e09351 bpf_skb_utils.h: add missing include to fix build against newer kernel headers 1 month ago
CMakeLists.txt 1cd5e12eec loader/interface: attach bpf program directly using netlink 2 years ago
README f13b67c9a7 dns: allow limiting dns entry matching to cname name 2 years ago
bpf_skb_utils.h 1501e09351 bpf_skb_utils.h: add missing include to fix build against newer kernel headers 1 month ago
dns.c 391a9fbd5a dns: fix parsing vlan encapsulated protocol 2 years ago
interface.c ef82defaae ubus: add active devices to bridger blacklist 2 years ago
loader.c 1cd5e12eec loader/interface: attach bpf program directly using netlink 2 years ago
main.c 6ff06d66c3 dns: add code for snooping dns packets 2 years ago
map.c 850cc27108 qosify: add support for keeping stats 1 year ago
qosify-bpf.c 850cc27108 qosify: add support for keeping stats 1 year ago
qosify-bpf.h 850cc27108 qosify: add support for keeping stats 1 year ago
qosify.h 850cc27108 qosify: add support for keeping stats 1 year ago
ubus.c 850cc27108 qosify: add support for keeping stats 1 year ago

README

QoSify is a simple daemon for setting up and managing CAKE along with a custom
eBPF based classifier that sets DSCP fields of packets.

It supports the following features:
- simple TCP/UDP port based mapping
- IP address based mapping
- priority boosting based on average packet size
- bulk flow detection based on number of packets per second
- dynamically add IP entries with timeout
- dns regex entries and ubus api for providing dns lookup results

It can be configured via ubus call qosify config.

This call supports the following parameters:
- "reset": BOOL
Reset the config to defaults instead of only updating supplied values

- "files": ARRAY of STRING
List of files with port/IP/host mappings

- "timeout": INT32
Default timeout for dynamically added entries

- "dscp_default_udp": STRING
Default DSCP value for UDP packets

- "dscp_default_tcp": STRING
Default DSCP value for TCP packets

- "dscp_prio": STRING
DSCP value for priority-marked packets

- "dscp_bulk": STRING
DSCP value for bulk-marked packets

- "dscp_icmp": STRING
DSCP value for ICMP packets

- "bulk_trigger_pps": INT32
Number of packets per second to trigger bulk flow detection

- "bulk_trigger_timeout": INT32
Time below bulk_trigger_pps threshold until a bulk flow mark is removed

- "prio_max_avg_pkt_len": INT32
Maximum average packet length for marking a flow as priority

- "interfaces": TABLE of TABLE
netifd interfaces to enable QoS on

- "devices": TABLE of TABLE
netdevs to enable QoS on


interface/device properties:
- "bandwidth_up": STRING
Uplink bandwidth (same format as tc)

- "bandwidth_down": STRING
Downlink bandwidth (same format as tc)

- "ingress": BOOL
Enable ingress shaping

- "egress": BOOL
Enable egress shaping

- "mode": STRING
CAKE diffserv mode

- "nat": BOOL
Enable CAKE NAT host detection via conntrack

- "host_isolate": BOOL
Enable CAKE host isolation

- "autorate_ingress": BOOL
Enable CAKE automatic rate estimation for ingress

- "ingress_options": STRING
CAKE ingress options

- "egress_options": STRING
CAKE egress options

- "options": STRING
CAKE options for ingress + egress


Mapping file syntax:

Each line has two whitespace separated fields, match and dscp
match is one of:
- tcp:<port>[-<endport>]
TCP single port, or range from <port> to <endport>
- udp:<port>[-<endport>]
UDP single port, or range from <port> to <endport>
- <ipaddr>
IPv4 address, e.g. 1.1.1.1
- <ipv6addr>
IPv6 address, e.g. ff01::1
- dns:<pattern>
fnmatch() pattern supporting * and ? as wildcard characters
- dns:/<regex>
POSIX.2 extended regular expression for matching hostnames
Only works, if dns lookups are passed to qosify via the add_dns_host ubus call.
- dns_c:...
Like dns:... but only matches cname entries

dscp can be a raw value, or a codepoint like CS0
Adding a + in front of the value tells qosify to only override the DSCP value if it is zero
DNS entries are compared in the order in which they are specified in the config, using the
first matching entry.
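
The following Python example is added here and is not part of qosify: it parses mapping lines in the syntax above and models the first-match ordering of DNS entries and the + prefix, which is how an earlier broad pattern can shadow a later, more specific one. The function names, the is_cname flag, the codepoint names other than CS0, and the use of Python's re module in place of POSIX extended regular expressions are assumptions; the sample mapping is constructed.

```python
import fnmatch, ipaddress, re

# Standard DSCP codepoint values; which names qosify accepts besides CS0 is an assumption.
CODEPOINTS = {f"CS{n}": 8 * n for n in range(8)}
CODEPOINTS.update({f"AF{c}{d}": 8 * c + 2 * d for c in range(1, 5) for d in range(1, 4)})
CODEPOINTS["EF"] = 46

def parse_dscp(field):
    """Return (value, only_if_zero); a leading '+' means: only override a zero DSCP."""
    only_if_zero = field.startswith("+")
    name = field[1:] if only_if_zero else field
    value = CODEPOINTS[name.upper()] if name.upper() in CODEPOINTS else int(name, 0)
    if not 0 <= value <= 63:
        raise ValueError(f"DSCP out of range: {field!r}")
    return value, only_if_zero

def parse_line(line):
    """Parse one 'match dscp' line into (kind, match, value, only_if_zero)."""
    match, dscp = line.split()  # exactly two whitespace separated fields
    value, only_if_zero = parse_dscp(dscp)
    kind, sep, rest = match.partition(":")
    if sep and kind in ("tcp", "udp"):
        lo, _, hi = rest.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 0 < lo <= hi <= 65535:
            raise ValueError(f"bad port range: {match!r}")
        return kind, (lo, hi), value, only_if_zero
    if sep and kind in ("dns", "dns_c"):
        return kind, rest, value, only_if_zero
    return "ip", ipaddress.ip_address(match), value, only_if_zero  # raises on junk

def match_dns(entries, host, is_cname=False):
    """Return the first dns/dns_c entry, in file order, that matches host, else None."""
    for entry in entries:
        kind, pat = entry[0], entry[1]
        if kind == "dns" or (kind == "dns_c" and is_cname):
            # A leading '/' selects a regex (Python re as a stand-in), otherwise fnmatch.
            rx = pat.startswith("/")
            hit = re.search(pat[1:], host) if rx else fnmatch.fnmatchcase(host, pat)
            if hit:
                return entry
    return None

def resulting_dscp(entry, current):
    """DSCP after applying entry to a packet that arrived with DSCP `current`."""
    return current if (entry[3] and current != 0) else entry[2]

# Constructed sample mapping: the broad fnmatch entry precedes the regex entry.
SAMPLE = ["tcp:22 +CS6", "udp:5060-5061 EF", "1.1.1.1 CS5",
          "dns:*.example.net CS1", r"dns:/^video\. AF41"]
ENTRIES = [parse_line(l) for l in SAMPLE]
```

With this sample, video.cdn.example.net resolves to CS1 rather than AF41 because the fnmatch entry is listed first; swapping the two DNS lines changes the result.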


Planned features:
- Support for LAN host based priority