DSCPCLASSIFY does not reload after a reboot

[hudra0]

The latest commit d5d20b0 prevents DSCPCLASSIFY from automatically reloading after a reboot or when an interface is down. Manual reload works.

[petervaldesii]

Having this problem too with my Linksys E8450 and in addition calling 'service dscpclassify reload' or '/etc/init.d/dscpclassify reload' results in "The dscpclassify service does not appear to be loaded."

service dscpclassify restart seems to work.

[jeverley]

Thanks @hudra0, possible to check if this is still an issue with the commit?

5e47025

[hudra0]

Didn’t fix the issue for me. When I change

reload_service() {
	/etc/init.d/dscpclassify status &>/dev/null || {
		echo "The dscpclassify service does not appear to be loaded."
		return 1

to

reload_service() {
	service dscpclassify status 2>/dev/null || {
		start_service
		return $?

the script gets started on boot again.

[jeverley]

Interesting, I suspect the reason that fix sort of works for you is because the above forces the service to always start rather than reload (if the service status command is run in a script rather than user shell it always results in an error due to an absent path variables).

More on this here: https://openwrt.org/docs/guide-user/base-system/managing_services

Will try and replicate the particular root cause you're seeing here, I might need you to add in some log out lines to help us troubleshoot.

[jeverley]

Actually I think I've found the cause already, we should have been returning 0 rather than exit 0 to ensure that procd recognised the service as started (in the scenario where not all firewall zones are not yet ready), can you give the code in develop a try with commit ad03d9b?

Update: just occurred to me that we'll need to load the builtin sets again during reload under this half start scenario. Will have this fully addressed in a couple of hours 🙂

[hudra0]

Alright thank you, just gave it a try and it did not resolve the issue.

[jeverley]

@hudra0 think 3139aff should do the trick, certainly seems to work on my end.

Missing sets should be created during a reload if they weren't present, i.e. partial start when not all firewall zones were available.

I've also made the user set reload logic more robust so that the service compares if the set config has changed when it encounters one that already exists, in such a scenario the set is recreated rather than preserving the previous contents.

[hudra0]

Now the service totally fails to reload. At least on my end. Even manual reload fails:

root@OpenWrt:~# service dscpclassify restart
In file included from /etc/dscpclassify.d/main.nft:38:1-44:
/tmp/etc/dscpclassify-pre.include:3:14-25: Error: No such file or directory
add set inet dscpclassify threaded_clients { type ipv4_addr . inet_service . inet_proto; flags timeout; }
             ^^^^^^^^^^^^
In file included from /etc/dscpclassify.d/main.nft:38:1-44:
/tmp/etc/dscpclassify-pre.include:4:14-25: Error: No such file or directory
add set inet dscpclassify threaded_clients6 { type ipv6_addr . inet_service . inet_proto; flags timeout; }
             ^^^^^^^^^^^^
In file included from /etc/dscpclassify.d/main.nft:38:1-44:
/tmp/etc/dscpclassify-pre.include:5:14-25: Error: No such file or directory
add set inet dscpclassify threaded_services { type ipv4_addr . ipv4_addr . inet_service . inet_proto; flags timeout; }
             ^^^^^^^^^^^^
In file included from /etc/dscpclassify.d/main.nft:38:1-44:
/tmp/etc/dscpclassify-pre.include:6:14-25: Error: No such file or directory
add set inet dscpclassify threaded_services6 { type ipv6_addr . ipv6_addr . inet_service . inet_proto; flags timeout; }
             ^^^^^^^^^^^^
/etc/dscpclassify.d/main.nft:77:44-60: Error: No such file or directory
        ip saddr . th sport . meta l4proto @threaded_clients goto threaded_client
                                           ^^^^^^^^^^^^^^^^^
In file included from /etc/dscpclassify.d/main.nft:124:1-45:
/tmp/etc/dscpclassify-post.include:9:146-162: Error: No such file or directory
add rule inet dscpclassify established_connection meter tc_detect { ip daddr . th dport . meta l4proto timeout 5s limit rate over 9/minute } add @threaded_clients { ip daddr . th dport . meta l4proto timeout 30s }

                         ^^^^^^^^^^^^^^^^^
In file included from /etc/dscpclassify.d/main.nft:124:1-45:
/tmp/etc/dscpclassify-post.include:10:148-165: Error: No such file or directory
add rule inet dscpclassify established_connection meter tc_detect6 { ip6 daddr . th dport . meta l4proto timeout 5s limit rate over 9/minute } add @threaded_clients6 { ip6 daddr . th dport . meta l4proto timeout 30s }

                           ^^^^^^^^^^^^^^^^^^
In file included from /etc/dscpclassify.d/main.nft:124:1-45:
/tmp/etc/dscpclassify-post.include:11:152-168: Error: No such file or directory
add rule inet dscpclassify threaded_client meter tc_orig_bulk { ip saddr . th sport . meta l4proto timeout 5m limit rate over 9999 bytes/hour } update @threaded_clients { ip saddr . th sport . meta l4proto timeout 5m } goto ct_set_le

                               ^^^^^^^^^^^^^^^^^
In file included from /etc/dscpclassify.d/main.nft:124:1-45:
/tmp/etc/dscpclassify-post.include:12:154-171: Error: No such file or directory
add rule inet dscpclassify threaded_client meter tc_orig_bulk6 { ip6 saddr . th sport . meta l4proto timeout 5m limit rate over 9999 bytes/hour } update @threaded_clients6 { ip6 saddr . th sport . meta l4proto timeout 5m } goto ct_set_le

                                 ^^^^^^^^^^^^^^^^^^
In file included from /etc/dscpclassify.d/main.nft:124:1-45:
/tmp/etc/dscpclassify-post.include:13:159-175: Error: No such file or directory
add rule inet dscpclassify threaded_client_reply meter tc_reply_bulk { ip daddr . th dport . meta l4proto timeout 5m limit rate over 9999 bytes/hour } update @threaded_clients { ip daddr . th dport . meta l4proto timeout 5m } goto ct_set_le

                                      ^^^^^^^^^^^^^^^^^

[jeverley]

I think that last one just needs a single line fix, one more time @hudra0?

[hudra0]

Seems to be working now😁.

• Manual reload/restart works
• Reload when an interface is down works
• Reboot works

Thanks man, really appreciate all your effort.

[jeverley]

Glad we got it sorted, will merge into main. 🙂