holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Tweak tcrules references

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2015-08-19 12:57:36 -07:00
parent 9f2958fd27
commit 37c9db2bd6
2 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/MultiISP.xml
View File

@ -911,7 +911,7 @@ eth1 0.0.0.0/0 130.252.99.27</programlisting>
<para>Now suppose that you want to route all outgoing SMTP traffic from <para>Now suppose that you want to route all outgoing SMTP traffic from
your local network through ISP 2. If you are running Shorewall 4.6.0 or your local network through ISP 2. If you are running Shorewall 4.6.0 or
later, you would make this entry in <ulink later, you would make this entry in <ulink
url="traffic_shaping.htm">/etc/shorewall/mangle</ulink>.</para> url="manpages/shorewall-mangle.html">/etc/shorewall/mangle</ulink>.</para>
<programlisting>#ACTION SOURCE DEST PROTO PORT(S) CLIENT USER TEST <programlisting>#ACTION SOURCE DEST PROTO PORT(S) CLIENT USER TEST
# PORT(S) # PORT(S)
@ -1950,9 +1950,9 @@ ONBOOT=yes</programlisting>
url="manpages/shorewall-providers.html">shorewall-providers</ulink> (5) url="manpages/shorewall-providers.html">shorewall-providers</ulink> (5)
is available in the form of a PROBABILITY column in <ulink is available in the form of a PROBABILITY column in <ulink
url="manpages/shorewall-mangle.html">shorewall-mangle</ulink>(5) (<ulink url="manpages/shorewall-mangle.html">shorewall-mangle</ulink>(5) (<ulink
url="???">shorewall-tcrules</ulink>) (5). This feature requires the url="manpages/shorewall-tcrules.html">shorewall-tcrules</ulink>) (5).
<firstterm>Statistic Match</firstterm> capability in your iptables and This feature requires the <firstterm>Statistic Match</firstterm>
kernel.</para> capability in your iptables and kernel.</para>
<para>This method works when there are multiple links to the same ISP <para>This method works when there are multiple links to the same ISP
where both links have the same default gateway.</para> where both links have the same default gateway.</para>
@ -2579,7 +2579,9 @@ MARK(2) $FW 0.0.0.0/0 tcp 21
MARK(2) $FW 0.0.0.0/0 tcp - - - - - - - ftp MARK(2) $FW 0.0.0.0/0 tcp - - - - - - - ftp
MARK(2) $FW 0.0.0.0/0 tcp 119</programlisting></para> MARK(2) $FW 0.0.0.0/0 tcp 119</programlisting></para>
<para>Here are the equivalent tcrules entries:</para> <para>If you are still using a tcrules file, you should consider
switching to using a mangle file (<command>shorewall update -t</command>
will do that for you). Here are the equivalent tcrules entries:</para>
<programlisting>#MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST LENGTH TOS CONNBYTES HELPER <programlisting>#MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST LENGTH TOS CONNBYTES HELPER
# PORT(S) # PORT(S)

5
docs/Shorewall_Squid_Usage.xml
View File

@ -246,7 +246,10 @@ Squid 1 202 - eth1 192.168.1.3 loose,no
# PORT(S) # PORT(S)
MARK(202):P eth1:!192.168.1.3 0.0.0.0/0 tcp 80</programlisting> MARK(202):P eth1:!192.168.1.3 0.0.0.0/0 tcp 80</programlisting>
<para>Corresponding /etc/shorewall/tcrules entries are:</para> <para>If you are still using a tcrules file, you should consider
switching to using a mangle file (<command>shorewall update
-t</command> will do that for you). Corresponding
/etc/shorewall/tcrules entries are:</para>
<programlisting>#MARK SOURCE DEST PROTO DEST <programlisting>#MARK SOURCE DEST PROTO DEST
# PORT(S) # PORT(S)