[NCLUG] any iptables studs out there?
Mike Loseke
mike at verinet.com
Tue Mar 6 13:46:37 MST 2001
Thus spake Kevin Fenzi:
>
> <snip>
>
> Looks good to me...you might add the tos stuff (from my firewall):
>
> #
> # set TOS flags to make things flow better
> #
> iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport www
> iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport telnet
> iptables -t mangle -m tos --tos 16 -A PREROUTING -p tcp --dport ftp
> iptables -t mangle -m tos --tos 8 -A PREROUTING -p tcp --dport ftp-data
Ooh, very nice. Thanks!
> Not sure how much diffrence it really makes (depends on the upstream
> to care about TOS bits), but it doesn't hurt anything. ;)
--
Mike Loseke | If at first you don't succeed,
mike at verinet.com | increase the amperage.
More information about the NCLUG
mailing list