forked from extern/shorewall_code
Tweak tcrules references
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
39982c20c4
commit
67aef659b5
@ -911,7 +911,7 @@ eth1 0.0.0.0/0 130.252.99.27</programlisting>
|
||||
<para>Now suppose that you want to route all outgoing SMTP traffic from
|
||||
your local network through ISP 2. If you are running Shorewall 4.6.0 or
|
||||
later, you would make this entry in <ulink
|
||||
url="traffic_shaping.htm">/etc/shorewall/mangle</ulink>.</para>
|
||||
url="manpages/shorewall-mangle.html">/etc/shorewall/mangle</ulink>.</para>
|
||||
|
||||
<programlisting>#ACTION SOURCE DEST PROTO PORT(S) CLIENT USER TEST
|
||||
# PORT(S)
|
||||
@ -1950,9 +1950,9 @@ ONBOOT=yes</programlisting>
|
||||
url="manpages/shorewall-providers.html">shorewall-providers</ulink> (5)
|
||||
is available in the form of a PROBABILITY column in <ulink
|
||||
url="manpages/shorewall-mangle.html">shorewall-mangle</ulink>(5) (<ulink
|
||||
url="???">shorewall-tcrules</ulink>) (5). This feature requires the
|
||||
<firstterm>Statistic Match</firstterm> capability in your iptables and
|
||||
kernel.</para>
|
||||
url="manpages/shorewall-tcrules.html">shorewall-tcrules</ulink>) (5).
|
||||
This feature requires the <firstterm>Statistic Match</firstterm>
|
||||
capability in your iptables and kernel.</para>
|
||||
|
||||
<para>This method works when there are multiple links to the same ISP
|
||||
where both links have the same default gateway.</para>
|
||||
@ -2579,7 +2579,9 @@ MARK(2) $FW 0.0.0.0/0 tcp 21
|
||||
MARK(2) $FW 0.0.0.0/0 tcp - - - - - - - ftp
|
||||
MARK(2) $FW 0.0.0.0/0 tcp 119</programlisting></para>
|
||||
|
||||
<para>Here are the equivalent tcrules entries:</para>
|
||||
<para>If you are still using a tcrules file, you should consider
|
||||
switching to using a mangle file (<command>shorewall update -t</command>
|
||||
will do that for you). Here are the equivalent tcrules entries:</para>
|
||||
|
||||
<programlisting>#MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST LENGTH TOS CONNBYTES HELPER
|
||||
# PORT(S)
|
||||
|
@ -246,7 +246,10 @@ Squid 1 202 - eth1 192.168.1.3 loose,no
|
||||
# PORT(S)
|
||||
MARK(202):P eth1:!192.168.1.3 0.0.0.0/0 tcp 80</programlisting>
|
||||
|
||||
<para>Corresponding /etc/shorewall/tcrules entries are:</para>
|
||||
<para>If you are still using a tcrules file, you should consider
|
||||
switching to using a mangle file (<command>shorewall update
|
||||
-t</command> will do that for you). Corresponding
|
||||
/etc/shorewall/tcrules entries are:</para>
|
||||
|
||||
<programlisting>#MARK SOURCE DEST PROTO DEST
|
||||
# PORT(S)
|
||||
|
Loading…
Reference in New Issue
Block a user