Name

tos — Shorewall Type of Service rules file

Synopsis

/etc/shorewall/tos

Description

This file defines rules for setting Type Of Service (TOS)

The columns in the file are as follows.

SOURCE - {zone[:address]|all|$FW} (Shorewall-shell)

Name of a zone declared in shorewall-zones(5), all or $FW.

If not all or $FW, may optionally be followed by ":" and an IP address, a MAC address, a subnet specification or the name of an interface.

Example: loc:192.168.2.3

MAC addresses must be prefixed with "~" and use "-" as a separator.

Example: ~00-A0-C9-15-39-78

SOURCE - {all|address]|all:address|$FW} (Shorewall-perl)

If all, may optionally be followed by ":" and an IP address, a MAC address, a subnet specification or the name of an interface.

Example: all:192.168.2.3

MAC addresses must be prefixed with "~" and use "-" as a separator.

Example: ~00-A0-C9-15-39-78

DEST - {zone[:address]|all} (Shorewall-shell)

Name of a zone declared in shorewall-zones(5) or all.

If not all, may optionally be followed by ":" and an IP address or a subnet specification

Example: loc:192.168.2.3

DEST - {all|address]|all:address} (Shorewall-perl)

Example: 192.168.2.3

PROTOCOL - proto-name-or-number

Protocol name or number.

SOURCE PORT(S) - {-|port|lowport:highport}

Source port or port range. If all ports, use "-".

DEST PORT(S) - {-|port|lowport:highport}

Destination port or port range. If all ports, use "-"

TOS - tos

Must be one of the following;

        tos-minimize-delay (16)
        tos-maximize-throughput (8)
        tos-maximize-reliability (4)
        tos-minimize-cost (2)
        tos-normal-service (0)
MARK - [!]value[/mask][:C]

If you don't want to define a test but need to specify anything in the following columns, place a "-" in this field.

!

Inverts the test (not equal)

value

Value of the packet or connection mark.

mask

A mask to be applied to the mark before testing.

:C

Designates a connection mark. If omitted, the packet mark's value is tested. This option is only supported by Shorewall-perl.

FILES

/etc/shorewall/tos

See ALSO

shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5), shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tunnels(5), shorewall-zones(5)