mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-22 23:53:30 +01:00
Update shorewall.conf(5) for Simplified TC
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
f69a741691
commit
416f600181
@ -169,19 +169,6 @@
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
|
||||||
<term><emphasis role="bold">ACCOUNTING=</emphasis>[<emphasis
|
|
||||||
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
|
||||||
|
|
||||||
<listitem>
|
|
||||||
<para>Added in Shorewall 4.5.0. If set to Yes, Shorewall accounting
|
|
||||||
is enabled (see <ulink
|
|
||||||
url="shorewall-accounting.html">shorewall-accounting</ulink>(5)). If
|
|
||||||
not specified or set to the empty value, ACCOUNTING=Yes is
|
|
||||||
assumed.</para>
|
|
||||||
</listitem>
|
|
||||||
</varlistentry>
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">ADD_IP_ALIASES=</emphasis>[<emphasis
|
<term><emphasis role="bold">ADD_IP_ALIASES=</emphasis>[<emphasis
|
||||||
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
|
||||||
@ -1062,24 +1049,6 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
|
||||||
<term><emphasis
|
|
||||||
role="bold">MASK_BITS</emphasis>=<emphasis>bits</emphasis></term>
|
|
||||||
|
|
||||||
<listitem>
|
|
||||||
<para>Added in Shorewall 4.5.0. This option specifies the number of
|
|
||||||
<emphasis>bits</emphasis> to use as a mask for traffic shaping marks
|
|
||||||
and must be greater than or equal to TC_BITS. The default value
|
|
||||||
depends on the setting of WIDE_TC_MARKS:</para>
|
|
||||||
|
|
||||||
<simplelist>
|
|
||||||
<member>WIDE_TC_MARKS=No - 8 bits.</member>
|
|
||||||
|
|
||||||
<member>WIDE_TC_MARKS=Yes - 16 bits.</member>
|
|
||||||
</simplelist>
|
|
||||||
</listitem>
|
|
||||||
</varlistentry>
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">MODULE_SUFFIX=</emphasis>[<emphasis
|
<term><emphasis role="bold">MODULE_SUFFIX=</emphasis>[<emphasis
|
||||||
role="bold">"</emphasis><emphasis>extension</emphasis> ...<emphasis
|
role="bold">"</emphasis><emphasis>extension</emphasis> ...<emphasis
|
||||||
@ -1204,42 +1173,6 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
|
||||||
<term><emphasis
|
|
||||||
role="bold">PROVIDER_BITS</emphasis>=<emphasis>bits</emphasis></term>
|
|
||||||
|
|
||||||
<listitem>
|
|
||||||
<para>Added in Shorewall 4.5.0. Specifies the number of bits of the
|
|
||||||
packet/connection mark to use for the provider (routing) mark.
|
|
||||||
Provider mark values must be >= 2**PROVIDER_OFFSET and less than
|
|
||||||
2**(PROVIDER_OFFSET + PROVIDER_BITS). The default value is 8
|
|
||||||
bits.</para>
|
|
||||||
</listitem>
|
|
||||||
</varlistentry>
|
|
||||||
|
|
||||||
<varlistentry>
|
|
||||||
<term><emphasis
|
|
||||||
role="bold">PROVIDER_OFFSET</emphasis>=<emphasis>offset</emphasis></term>
|
|
||||||
|
|
||||||
<listitem>
|
|
||||||
<para>Added in Shorewall 4.5.0. Specifies the
|
|
||||||
<emphasis>offset</emphasis> in bits from the least significate bit
|
|
||||||
of the packet/connection mark where the Provider Mark value is
|
|
||||||
stored. The default is based on the settings of HIGH_ROUTE_MARKS and
|
|
||||||
WIDE_TC_MARKS:</para>
|
|
||||||
|
|
||||||
<simplelist>
|
|
||||||
<member>HIGH_ROUTE_MARKS=No - 0 bits.</member>
|
|
||||||
|
|
||||||
<member>HIGH_ROUTE_MARKS=Yes and WIDE_TC_MARKS=No - 8
|
|
||||||
bits.</member>
|
|
||||||
|
|
||||||
<member>HIGH_ROUTE_MARKS=Yes and WIDE_TC_MARKS=Yes - 16
|
|
||||||
bits.</member>
|
|
||||||
</simplelist>
|
|
||||||
</listitem>
|
|
||||||
</varlistentry>
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">PKTTYPE=</emphasis>{<emphasis
|
<term><emphasis role="bold">PKTTYPE=</emphasis>{<emphasis
|
||||||
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term>
|
role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>}</term>
|
||||||
@ -1476,28 +1409,6 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
|||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
|
||||||
<term><emphasis
|
|
||||||
role="bold">TC_BITS</emphasis>=<emphasis>bits</emphasis></term>
|
|
||||||
|
|
||||||
<listitem>
|
|
||||||
<para>Added in Shorewall 4.5.0. This option replaces WIDE_TC_MARKS
|
|
||||||
by allowing you to specify the number of <emphasis>bits</emphasis>
|
|
||||||
of the 32-bit packet/connection mark to be used for traffic shaping.
|
|
||||||
The default value is based on the settings of WIDE_TC_MARKS:</para>
|
|
||||||
|
|
||||||
<simplelist>
|
|
||||||
<member>WIDE_TC_MARKS=No - 8 bits.</member>
|
|
||||||
|
|
||||||
<member>WIDE_TC_MARKS=Yes - 14 bits.</member>
|
|
||||||
</simplelist>
|
|
||||||
|
|
||||||
<para>Mark values specified in <ulink
|
|
||||||
url="shorewall-tcclasses.html">shorewall-tcclasses (5)</ulink> must
|
|
||||||
be < 2**TC_BITS.</para>
|
|
||||||
</listitem>
|
|
||||||
</varlistentry>
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><emphasis role="bold">TC_ENABLED=</emphasis>[<emphasis
|
<term><emphasis role="bold">TC_ENABLED=</emphasis>[<emphasis
|
||||||
role="bold">Yes</emphasis>|<emphasis
|
role="bold">Yes</emphasis>|<emphasis
|
||||||
@ -1516,7 +1427,7 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
|||||||
role="bold">no</emphasis> then traffic shaping is not
|
role="bold">no</emphasis> then traffic shaping is not
|
||||||
enabled.</para>
|
enabled.</para>
|
||||||
|
|
||||||
<para>If you set TC_ENABLED=Simple (Shorewall 4.5.0 and later),
|
<para>If you set TC_ENABLED=Simple (Shorewall 4.4.6 and later),
|
||||||
simple traffic shaping using <ulink
|
simple traffic shaping using <ulink
|
||||||
url="shorewall-tcinterfaces.html">shorewall-tcinterfaces</ulink>(5)
|
url="shorewall-tcinterfaces.html">shorewall-tcinterfaces</ulink>(5)
|
||||||
and <ulink url="shorewall-tcpri.html">shorewall-tcpri</ulink>(5) is
|
and <ulink url="shorewall-tcpri.html">shorewall-tcpri</ulink>(5) is
|
||||||
@ -1548,7 +1459,7 @@ net all DROP info</programlisting>then the chain name is 'net2all'
|
|||||||
role="bold">TC_PRIOMAP</emphasis>=<emphasis>map</emphasis></term>
|
role="bold">TC_PRIOMAP</emphasis>=<emphasis>map</emphasis></term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>Added in Shorewall 4.5.0. Determines the mapping of a packet's
|
<para>Added in Shorewall 4.4.6. Determines the mapping of a packet's
|
||||||
TOS field to priority bands. See <ulink
|
TOS field to priority bands. See <ulink
|
||||||
url="shorewall-tcpri.html">shorewall-tcpri</ulink>(5). The
|
url="shorewall-tcpri.html">shorewall-tcpri</ulink>(5). The
|
||||||
<emphasis>map</emphasis> consists of 16 space-separated digits with
|
<emphasis>map</emphasis> consists of 16 space-separated digits with
|
||||||
|
Loading…
Reference in New Issue
Block a user