- char *final_chain = "DROP"; /* REJECT would be better, but it is impossible in mangle */\r
- if(free_min)\r
- {\r
- final_chain = "ACCEPT";\r
- }\r
- if(qos_proxy)\r
- {\r
- if(free_min)\r
- {\r
- sprintf(str,"-A %s -s %s -p tcp --sport %d -o %s -j %s%d",\r
- chain_postrouting,proxy_ip,proxy_port,lan,mark_iptables,3);\r
- save_line(str);\r
- }\r
- sprintf(str,"-A %s -s %s -p tcp --sport %d -o %s -j %s",\r
- chain_postrouting,proxy_ip,proxy_port,lan,final_chain);\r
- save_line(str);\r
- }\r
- if(free_min)\r
- {\r
- sprintf(str,"-A %s -o %s -j %s%d", chain_postrouting, lan, mark_iptables, 3);\r
- save_line(str);\r
- }\r
- sprintf(str,"-A %s -o %s -j %s", chain_postrouting, lan, final_chain);\r
- save_line(str);\r
- /* ------------------------------- classify or reject free upload */\r
- if(free_min)\r
- {\r
- sprintf(str,"-A %s -o %s -j %s%d", chain_forward, wan, mark_iptables, 3);\r
- save_line(str);\r
- }\r
- sprintf(str,"-A %s -o %s -j %s", chain_forward, wan, final_chain);\r
- save_line(str);\r
+ final_chain = "ACCEPT";\r
+ }\r
+\r
+/*\r
+ if(qos_proxy)\r
+ {\r
+ if(free_min) \r
+ {\r
+ sprintf(str, "-A %s -s %s -p tcp --sport %d -o %s -j %s%d",\r
+ chain_postrouting,proxy_ip,proxy_port,lan,mark_iptables, 3);\r
+ iptables_save_line(str, FALSE); // only for IPv4\r
+ }\r
+ sprintf(str, "-A %s -s %s -p tcp --sport %d -o %s -j %s",\r
+ chain_postrouting,proxy_ip,proxy_port,lan,final_chain);\r
+ iptables_save_line(str, FALSE); // only for IPv4\r
+ }\r
+*/\r
+\r
+ if(free_min)\r
+ {\r
+ sprintf(str, "-A %s -o %s -j %s%d",\r
+ chain_postrouting, lan, mark_iptables, FREE_CLASS);\r
+ iptables_save_line(str, FALSE); /* only for IPv4 */\r
+ }\r
+\r
+ sprintf(str,"-A %s -o %s -j %s", chain_postrouting, lan, final_chain);\r
+ iptables_save_line(str, FALSE);\r
+ if(ip6prefix)\r
+ {\r
+ sprintf(str,"-A %s -o %s -j %s", chain_postrouting, lan, final_chain);\r
+ iptables_save_line(str, TRUE);\r
+ }\r
+\r
+ if(free_min)\r
+ {\r
+ sprintf(str,"-A %s -o %s -j %s%d", chain_forward, wan, mark_iptables, FREE_CLASS);\r
+ iptables_save_line(str, FALSE); /* only for IPv4 */\r
+ }\r
+\r
+ sprintf(str,"-A %s -o %s -j %s", chain_forward, wan, final_chain);\r
+ iptables_save_line(str, FALSE);\r
+ if(ip6prefix)\r
+ {\r
+ sprintf(str,"-A %s -o %s -j %s", chain_postrouting, lan, final_chain);\r
+ iptables_save_line(str, TRUE);\r