[NCLUG] any iptables studs out there?
Kevin Fenzi
kevin at scrye.com
Tue Mar 6 11:28:18 MST 2001
<snip>
Looks good to me...you might add the tos stuff (from my firewall):
#
# set TOS flags to make things flow better
#
iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport www
iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport telnet
iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport ftp
iptables -t mangle -m tos --tos 8 -A PREROUTING -p tcp --dport ftp-data
Not sure how much diffrence it really makes (depends on the upstream
to care about TOS bits), but it doesn't hurt anything. ;)
kevin
More information about the NCLUG
mailing list