Provided by: shorewall_4.5.21.6-1_all bug

NAME
       tos - Shorewall Type of Service rules file


SYNOPSIS
       /etc/shorewall/tos


DESCRIPTION
       This file defines rules for setting Type Of Service (TOS). Its use is deprecated,
       beginning in Shorewall 4.5.1, in favor of the TOS target in shorewall-tcrules[1] (5).

       The columns in the file are as follows (where the column name is followed by a different
       name in parentheses, the different name is used in the alternate specification syntax).

       SOURCE - {all|address]|all:address|$FW}
           If all, may optionally be followed by ":" and an IP address, a MAC address, a subnet
           specification or the name of an interface.

           Example: all:192.168.2.3

           MAC addresses must be prefixed with "~" and use "-" as a separator.

           Example: ~00-A0-C9-15-39-78

       DEST - {all|address]|all:address}
           Example: 192.168.2.3

       PROTOCOL (proto) - proto-name-or-number
           Protocol name or number.

       SOURCE PORT(S) (sport) - {-|port|lowport:highport}
           Source port or port range. If all ports, use "-".

       DEST PORT(S) (dport) - {-|port|lowport:highport}
           Destination port or port range. If all ports, use "-"

       TOS - tos
           Must may one of the following;

                       tos-minimize-delay (16)
                       tos-maximize-throughput (8)
                       tos-maximize-reliability (4)
                       tos-minimize-cost (2)
                       tos-normal-service (0)

           To specify more than one flag, add their values together and specify the numeric
           result.

       MARK - [!]value[/mask][:C]
           If you don't want to define a test but need to specify anything in the following
           columns, place a "-" in this field.

           !
               Inverts the test (not equal)

           value
               Value of the packet or connection mark.

           mask
               A mask to be applied to the mark before testing.

           :C
               Designates a connection mark. If omitted, the packet mark's value is tested.


FILES
       /etc/shorewall/tos


SEE ALSO
       http://shorewall.net/configuration_file_basics.htm#Pairs

       shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5),
       shorewall-hosts(5), shorewall_interfaces(5), shorewall-ipsets(5), shorewall-maclist(5),
       shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
       shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5),
       shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5), shorewall-secmarks(5),
       shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5),
       shorewall-tunnels(5), shorewall-zones(5)


NOTES
        1. shorewall-tcrules
           http://www.shorewall.netshorewall-tcrules.html

[FIXME: source]                             01/30/2014                           SHOREWALL-TOS(5)