From 0b9cd937691681d623d6cc46b6b59716f7816f05 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Wed, 27 Jul 2016 13:59:15 -0700 Subject: [PATCH] Default DSCP rules to the POSTROUTING chain Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Rules.pm | 2 +- Shorewall/manpages/shorewall-mangle.xml | 3 ++- Shorewall6/manpages/shorewall6-mangle.xml | 5 +++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index 5a441795b..dda4c2903 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -4299,7 +4299,7 @@ sub process_mangle_rule1( $$$$$$$$$$$$$$$$$$ ) { }, DSCP => { - defaultchain => 0, + defaultchain => POSTROUTING, allowedchains => PREROUTING | FORWARD | OUTPUT | POSTROUTING, minparams => 1, maxparams => 1, diff --git a/Shorewall/manpages/shorewall-mangle.xml b/Shorewall/manpages/shorewall-mangle.xml index 1d89e7258..ccf2b10fb 100644 --- a/Shorewall/manpages/shorewall-mangle.xml +++ b/Shorewall/manpages/shorewall-mangle.xml @@ -355,7 +355,8 @@ DIVERTHA - - tcp EF => 0x2e To indicate more than one class, add their hex values - together and specify the result. + together and specify the result. By default, DSCP rules are + placed in the POSTROUTING chain. diff --git a/Shorewall6/manpages/shorewall6-mangle.xml b/Shorewall6/manpages/shorewall6-mangle.xml index a43090e74..2cc852858 100644 --- a/Shorewall6/manpages/shorewall6-mangle.xml +++ b/Shorewall6/manpages/shorewall6-mangle.xml @@ -356,7 +356,8 @@ DIVERTHA - - tcp EF => 0x2e To indicate more than one class, add their hex values - together and specify the result. + together and specify the result. By default, DSCP rules are + placed in the POSTROUTING chain. @@ -633,7 +634,7 @@ INLINE eth0 - ; -p tcp -j MARK --set The third number specifies the number of log messages that should be buffered in the kernel before they - are sent to user space. The default is 1. + are sent to user space. The default is 1.