Rechercher une page de manuel
shorewall-tcfilters
Langue: en
Version: 07/24/2010 (fedora - 01/12/10)
Section: 5 (Format de fichier)
NAME
tcfilters - Shorewall u32 classifier rules fileSYNOPSIS
- /etc/shorewall/tcfilters
DESCRIPTION
- Entries in this file cause packets to be classified for traffic shaping.
The columns in the file are as follows.
CLASS - interface:class
- The name or number of an interface defined in m[blue]shorewall-tcdevicesm[][1](5) followed by a class number defined for that interface in m[blue]shorewall-tcclassesm[][2](5).
SOURCE - {-|address}
- Source of the packet. May be a host or network address. DNS names are not allowed.
DEST - {-|address}}
- Destination of the packet. Comma separated list of IP addresses and/or subnets. If your kernel and iptables include iprange match support, IP address ranges are also allowed. List elements may also consist of an interface name followed by ":" and an address (e.g., eth1:192.168.1.0/24). If the MARK column specificies a classification of the form major:minor then this column may also contain an interface name.
You may exclude certain hosts from the set already defined through use of an exclusion (see m[blue]shorewall-exclusionm[][3](5)).
PROTO - {-|protocol-number|protocol-name|all}
- Protocol.
DEST PORT (Optional) - [-|port-name-or-number]
- Destination Ports. A Port name (from services(5)) or a port number; if the protocol is icmp, this column is interpreted as the destination icmp-type(s).
SOURCE PORT (Optional) - [-|port-name-or-number]
- Source port.
TOS (Optional) - [-|tos]
- Specifies the value of the TOS field. The tos value can be any of the following:
-
- * tos-minimize-delay
- * tos-maximuze-throughput
- * tos-maximize-reliability
- * tos-minimize-cost
- * tos-normal-service
- * hex-number
- * hex-number/hex-number
- The hex-numbers must be exactly two digits (e.g., 0x04)x.
LENGTH (Optional) - [-|number]
- Must be a power of 2 between 32 and 8192 inclusive. Packets with a total length that is strictly less than the specified number will match the rule.
EXAMPLE
Example 1:
- Place all ICMP echo traffic on interface 1 in class 10.
-
-
#CLASS SOURCE DEST PROTO DEST # PORT 1:10 0.0.0.0/0 0.0.0.0/0 icmp echo-request 1:10 0.0.0.0/0 0.0.0.0/0 icmp echo-reply
-
FILES
/etc/shorewall/tcfilters
SEE ALSO
m[blue]http://shorewall.net/traffic_shaping.htmm[]
m[blue]http://shorewall.net/MultiISP.htmlm[]
m[blue]http://shorewall.net/PacketMarking.htmlm[]
shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-ecn(5), shorewall-exclusion(5), shorewall-hosts(5), shorewall-interfaces(5), shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)
NOTES
- 1.
- shorewall-tcdevices
- http://www.shorewall.net/manpages/shorewall-tcdevices.html
- 2.
- shorewall-tcclasses
- http://www.shorewall.net/manpages/shorewall-tcclasses.html
- 3.
- shorewall-exclusion
- http://www.shorewall.net/manpages/shorewall-exclusion.html
Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre