Provided by: shorewall-common_4.0.15-1_all bug

NAME

       tos - Shorewall Type of Service rules file

SYNOPSIS

       /etc/shorewall/tos

DESCRIPTION

       This file defines rules for setting Type Of Service (TOS)

       The columns in the file are as follows.

       SOURCE - {zone[:address]|all|$FW} (Shorewall-shell)
           Name of a zone declared in shorewall-zones[1](5), all or $FW.

           If not all or $FW, may optionally be followed by ":" and an IP
           address, a MAC address, a subnet specification or the name of an
           interface.

           Example: loc:192.168.2.3

           MAC addresses must be prefixed with "~" and use "-" as a separator.

           Example: ~00-A0-C9-15-39-78

       SOURCE - {all|address]|all:address|$FW} (Shorewall-perl)
           If all, may optionally be followed by ":" and an IP address, a MAC
           address, a subnet specification or the name of an interface.

           Example: all:192.168.2.3

           MAC addresses must be prefixed with "~" and use "-" as a separator.

           Example: ~00-A0-C9-15-39-78

       DEST - {zone[:address]|all} (Shorewall-shell)
           Name of a zone declared in shorewall-zones[1](5) or all.

           If not all, may optionally be followed by ":" and an IP address or
           a subnet specification

           Example: loc:192.168.2.3

       DEST - {all|address]|all:address} (Shorewall-perl)
           Example: 192.168.2.3

       PROTOCOL - proto-name-or-number
           Protocol name or number.

       SOURCE PORT(S) - {-|port|lowport:highport}
           Source port or port range. If all ports, use "-".

       DEST PORT(S) - {-|port|lowport:highport}
           Destination port or port range. If all ports, use "-"

       TOS - tos
           Must be one of the following;

                       tos-minimize-delay (16)
                       tos-maximize-throughput (8)
                       tos-maximize-reliability (4)
                       tos-minimize-cost (2)
                       tos-normal-service (0)

       MARK - [!]value[/mask][:C]
           If you don´t want to define a test but need to specify anything in
           the following columns, place a "-" in this field.

           !
               Inverts the test (not equal)

           value
               Value of the packet or connection mark.

           mask
               A mask to be applied to the mark before testing.

           :C
               Designates a connection mark. If omitted, the packet mark´s
               value is tested. This option is only supported by
               Shorewall-perl.

FILES

       /etc/shorewall/tos

SEE ALSO

       shorewall(8), shorewall-accounting(5), shorewall-actions(5),
       shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
       shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
       shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
       shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
       shorewall-route_rules(5), shorewall-routestopped(5),
       shorewall-rules(5), shorewall.conf(5), shorewall-tcclasses(5),
       shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tunnels(5),
       shorewall-zones(5)

NOTES

        1. shorewall-zones
           shorewall-zones.html

                                  12/15/2008                  SHOREWALL-TOS(5)