Project

General

Profile

Actions

Bug #3688

closed

firewall rule syntax error with Diffserv Code Point

Added by James Dietrich almost 10 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
06/02/2014
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

I am using 2.1.3.

I am getting a syntax error when creating a floating firewall rule with a particular Diffserv Code Point. I want to match on 0x04 (lowdelay, ToS 0x10), but when I choose that option from the dropdown and save the rule, it gives me an error:

[ There were error(s) loading the rules: /tmp/rules.debug:169: syntax error - The line in question reads [169]: match inet proto tcp from any to any port 22 dscp 0x04 (lowdelay, ToS 0x10) flags S/SA queue (qRT,qACK) label USER_RULE]

Any ideas? I'm wondering if the (lowdelay, ToS 0x10) part shouldn't be in the generated rule, but don't know for sure, or what to do about it if that's the problem.

Also, note that a similar syntax error is produced when choosing these other two Diffserv Code Points:
0x01 (reliability, ToS 0x04)
0x02 (throughput, ToS 0x08)
I suspect that whatever the root problem is affects all three of these.

I hope I've explained the problem well enough, but if you need any other information, please let me know.

Thank you!

James Dietrich

Actions

Also available in: Atom PDF