shorewall-tos (5)

Shorewall type of service rules file

  1. Carta.tech
  2. Man Pages
  3. File formats and conventions
  4. shorewall-tos: Shorewall type of service rules file
  1. Carta.tech
  2. Packages
  3. shorewall
  4. shorewall-tos: Shorewall type of service rules file

SYNOPSIS

/etc/shorewall/tos

DESCRIPTION

This file defines rules for setting Type Of Service (TOS). Its use is deprecated, beginning in Shorewall 4.5.1, in favor of the TOS target in \m[blue]shorewall-mangle\m[]\s-2\u[1]\d\s+2 (5).

The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in the alternate specification syntax).

SOURCE - {all|address]|all:address|$FW}

If all, may optionally be followed by ":" and an IP address, a MAC address, a subnet specification or the name of an interface.

Example: all:192.168.2.3

MAC addresses must be prefixed with "~" and use "-" as a separator.

Example: ~00-A0-C9-15-39-78

DEST - {all|address]|all:address}

Example: 192.168.2.3

PROTOCOL (proto) - proto-name-or-number

Protocol name or number.

SOURCE PORT(S) (sport) - {-|port|lowport:highport}

Source port or port range. If all ports, use "-".

DEST PORT(S) (dport) - {-|port|lowport:highport}

Destination port or port range. If all ports, use "-"

TOS - tos

Must may one of the following;

        tos-minimize-delay (16)
        tos-maximize-throughput (8)
        tos-maximize-reliability (4)
        tos-minimize-cost (2)
        tos-normal-service (0)

To specify more than one flag, add their values together and specify the numeric result.

MARK - [!]value[/mask][:C]

If you don't want to define a test but need to specify anything in the following columns, place a "-" in this field.

!

Inverts the test (not equal)

value

Value of the packet or connection mark.

mask

A mask to be applied to the mark before testing.

:C

Designates a connection mark. If omitted, the packet mark's value is tested.

FILES

/etc/shorewall/tos

RELATED TO shorewall-tos…

\m[blue]http://www.shorewall.net/configuration_file_basics.htm#Pairs\m[]\s-2\u[2]\d\s+2

shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5), shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5), shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-mangle(5), shorewall-tunnels(5), shorewall-zones(5)

NOTES

1.

shorewall-mangle

http://www.shorewall.net/manpages/shorewall-mangle.html

2.

http://www.shorewall.net/configuration_file_basics.htm#Pairs

http://www.shorewall.net/configuration_file_basics.htm#Pairs