Provided by: shorewall-common_4.0.12-1_all bug

NAME

       tos - Shorewall Type of Service rules file

SYNOPSIS

       /etc/shorewall/tos

DESCRIPTION

       This file defines rules for setting Type Of Service (TOS)

       The columns in the file are as follows.

       SOURCE - {zone[:address]|all|$FW} (Shorewall-shell)
              Name     of     a     zone     declared    in    shorewall-zones
              〈shorewall-zones.html〉 (5), all or $FW.

              If not all or $FW, may optionally be followed by ":" and  an  IP
              address, a MAC address, a subnet specification or the name of an
              interface.

              Example: loc:192.168.2.3

              MAC addresses must be  prefixed  with  "~"  and  use  "-"  as  a
              separator.

              Example: ~00-A0-C9-15-39-78

       SOURCE - {all|address]|all:address|$FW} (Shorewall-perl)
              If  all,  may optionally be followed by ":" and an IP address, a
              MAC address, a subnet specification or the name of an interface.

              Example: all:192.168.2.3

              MAC  addresses  must  be  prefixed  with  "~"  and  use "-" as a
              separator.

              Example: ~00-A0-C9-15-39-78

       DEST - {zone[:address]|all} (Shorewall-shell)
              Name    of    a     zone     declared     in     shorewall-zones
              〈shorewall-zones.html〉 (5) or all.

              If  not all, may optionally be followed by ":" and an IP address
              or a subnet specification

              Example: loc:192.168.2.3

       DEST - {all|address]|all:address} (Shorewall-perl)
              Example: 192.168.2.3

       PROTOCOLproto-name-or-number
              Protocol name or number.

       SOURCE PORT(S) — {-|port|lowport:highport}
              Source port or port range. If all ports, use "-".

       DEST PORT(S) — {-|port|lowport:highport}
              Destination port or port range. If all ports, use "-"

       TOStos
              Must be one of the following;

                      tos-minimize-delay (16)
                      tos-maximize-throughput (8)
                      tos-maximize-reliability (4)
                      tos-minimize-cost (2)
                      tos-normal-service (0)

       MARK — [!]value[/mask][:C]
              If you don’t want to define a test but need to specify  anything
              in the following columns, place a "-" in this field.

              !      Inverts the test (not equal)

              value  Value of the packet or connection mark.

              mask   A mask to be applied to the mark before testing.

              :C     Designates  a  connection  mark.  If  omitted, the packet
                     mark’s value is tested. This option is only supported  by
                     Shorewall-perl.

FILES

       /etc/shorewall/tos

SEE ALSO

       shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-
       blacklist(5), shorewall-hosts(5),  shorewall-interfaces(5),  shorewall-
       ipsec(5),  shorewall-maclist(5),  shorewall-masq(5),  shorewall-nat(5),
       shorewall-netmap(5),     shorewall-params(5),      shorewall-policy(5),
       shorewall-providers(5),        shorewall-proxyarp(5),        shorewall-
       route_rules(5),     shorewall-routestopped(5),      shorewall-rules(5),
       shorewall.conf(5),    shorewall-tcclasses(5),   shorewall-tcdevices(5),
       shorewall-tcrules(5), shorewall-tunnels(5), shorewall-zones(5)

                                 24 June 2008                 shorewall-tos(5)