shorewall-tos
5
tos
Shorewall Type of Service rules file
/etc/shorewall/tos
Description
This file defines rules for setting Type Of Service (TOS)
The columns in the file are as follows.
SOURCE -
{zone[:address]|all|$FW}
(Shorewall-shell)
Name of a zone declared in shorewall-zones(5), all or $FW.
If not all or $FW, may optionally be followed by ":" and an
IP address, a MAC address, a subnet specification or the name of an
interface.
Example: loc:192.168.2.3
MAC addresses must be prefixed with "~" and use "-" as a
separator.
Example: ~00-A0-C9-15-39-78
SOURCE - {all|address]|all:address|$FW} (Shorewall-perl)
If all, may optionally be
followed by ":" and an IP address, a MAC address, a subnet
specification or the name of an interface.
Example: all:192.168.2.3
MAC addresses must be prefixed with "~" and use "-" as a
separator.
Example: ~00-A0-C9-15-39-78
DEST -
{zone[:address]|all} (Shorewall-shell)
Name of a zone declared in shorewall-zones(5) or all.
If not all, may optionally be
followed by ":" and an IP address or a subnet specification
Example: loc:192.168.2.3
DEST - {all|address]|all:address}
(Shorewall-perl)
Example: 192.168.2.3
PROTOCOL —
proto-name-or-number
Protocol name or number.
SOURCE PORT(S) —
{-|port|lowport:highport}
Source port or port range. If all ports, use "-".
DEST PORT(S) —
{-|port|lowport:highport}
Destination port or port range. If all ports, use "-"
TOS —
tos
Must be one of the following;
tos-minimize-delay (16)
tos-maximize-throughput (8)
tos-maximize-reliability (4)
tos-minimize-cost (2)
tos-normal-service (0)
MARK — [!]value[/mask][:C]
If you don't want to define a test but need to specify
anything in the following columns, place a "-" in this field.
!
Inverts the test (not equal)
value
Value of the packet or connection mark.
mask
A mask to be applied to the mark before testing.
:C
Designates a connection mark. If omitted, the packet
mark's value is tested. This option is only supported by
Shorewall-perl.
FILES
/etc/shorewall/tos
See ALSO
shorewall(8), shorewall-accounting(5), shorewall-actions(5),
shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5),
shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5),
shorewall-tcrules(5), shorewall-tunnels(5), shorewall-zones(5)