[NCLUG] any iptables studs out there?

Kevin Fenzi kevin at scrye.com
Tue Mar 6 11:28:18 MST 2001


<snip>

Looks good to me...you might add the tos stuff (from my firewall):

#
# set TOS flags to make things flow better
#
iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport www
iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport telnet
iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport ftp
iptables -t mangle -m tos --tos 8 -A PREROUTING -p tcp --dport ftp-data

Not sure how much diffrence it really makes (depends on the upstream
to care about TOS bits), but it doesn't hurt anything. ;) 

kevin



More information about the NCLUG mailing list