
Provided by: fireqos-doc_3.1.5+ds-1ubuntu1_all

NAME

       fireqos.conf - FireQOS configuration file

DESCRIPTION

       This file defines the traffic shaping that will be applied by fireqos(1).

       The  default  configuration  file is /etc/firehol/fireqos.conf.  It can be overridden from
       the command line.

       A configuration consists of a number  of  input  and  output  interface  definitions  (see
       fireqos-interface(5)).   Each  interface  can  define  any  number  of (optionally nested)
       classes  (see  fireqos-class(5))  which  shape  the  traffic   which   they   match   (see
       fireqos-match(5)).

SPEED UNITS

       In FireQOS, speeds can be expressed in the following units:

       #bps   # bytes per second

       #kbps; #Kbps
              # kilobytes per second

       #mbps; #Mbps
              # megabytes per second

       #gbps; #Gbps
              # gigabytes per second

       #bit   # bits per second

       #kbit; #Kbit; #
              # kilobits per second (default)

       #mbit; #Mbit
              # megabits per second

       #gbit; #Gbit
              # gigabits per second

       #%     In a class, uses this percentage of the enclosing rate.

              Note

              The default unit, kbit, differs from tc(8), which assumes bytes per second when no
              unit is specified.
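
       The unit table above, worked through as an added example (not part of FireQOS or of the
       original manual page): a small Python converter that resolves speeds and class
       percentages to bits per second for the flat, single-direction form used in the first
       example below. The decimal (1000) multipliers and the helper names to_bits and committed
       are assumptions of this example.

```python
import re

# Multipliers to bits per second. Decimal (1000) prefixes are an assumption:
# the man page names the units but does not state the multiplier.
UNITS = {"": 1000, "bit": 1, "bps": 8}  # "" = bare number = kbit (the default)
for power, prefix in enumerate("kmg", start=1):
    for p in (prefix, prefix.upper()):  # the page lists #kbit and #Kbit, etc.
        UNITS[p + "bit"] = 1000 ** power
        UNITS[p + "bps"] = 8 * 1000 ** power  # bps means BYTES per second

SPEED = re.compile(r"^(\d+)(%|[A-Za-z]*)$")


def to_bits(spec, enclosing=None):
    """Convert a FireQOS speed ('800kbit', '100kbps', '800', '10%') to bit/s."""
    m = SPEED.match(spec)
    if not m or (m.group(2) != "%" and m.group(2) not in UNITS):
        raise ValueError(f"not a FireQOS speed: {spec!r}")
    value, unit = int(m.group(1)), m.group(2)
    if unit == "%":
        if enclosing is None:
            raise ValueError("a percentage needs an enclosing rate")
        return enclosing * value // 100
    return value * UNITS[unit]


def committed(config):
    """Map interface name -> (rate, {class: commit}) in bit/s, flat classes only."""
    result, current = {}, None
    for line in config.splitlines():
        words = line.split("#", 1)[0].split()  # drop trailing comments
        if words[:1] == ["interface"]:
            rate = to_bits(words[words.index("rate") + 1])
            current = result[words[2]] = (rate, {})
        elif words[:1] == ["class"] and "commit" in words and current:
            spec = words[words.index("commit") + 1]
            current[1][words[1]] = to_bits(spec, current[0])
    return result


# Constructed sample: the adsl-out lines of the first example, match lines omitted.
SAMPLE = """
interface eth2 adsl-out output rate 800kbit adsl remote pppoe-llc
  class voip commit 100kbit pfifo
  class realtime commit 10%   # 10% of 800kbit
  class default max 90%
"""

if __name__ == "__main__":
    rate, classes = committed(SAMPLE)["adsl-out"]
    print(rate, classes, sum(classes.values()))
    # Same number, different unit: 100kbps is the whole 800kbit uplink.
    print(to_bits("100kbps") == rate)
```

       Writing kbps where kbit was meant multiplies a class's rate by eight, which on the 800kbit
       uplink above would hand the entire link to one class.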

EXAMPLE

       This example uses match statements.

               # incoming traffic from my ADSL router
               interface eth2 adsl-in input rate 10500kbit adsl remote pppoe-llc
                 class voip commit 100kbit pfifo
                   match udp ports 5060,10000:10100 # asterisk sip and rtp
                   match udp ports 16393:16402 # apple facetime

                 class realtime commit 10%
                   match tcp port 22,1195:1198,1723 # ssh, openvpn, pptp
                   match udp port 53 # dns
                   match proto GRE
                   match icmp
                   match tcp syn
                   match tcp ack

                 class clients commit 10%
                   match tcp port 20,21,25,80,143,443,465,873,993 # mail, web, ftp, etc

               # unmatched traffic goes here ('default' is a special name)
                 class default max 90%

               # I define torrents beneath the default class, so they slow
               # down when the default class is willing to get bandwidth
                 class torrents max 90%
                   match port 51414 # my torrent client

               # outgoing traffic to my ADSL router
               interface eth2 adsl-out output rate 800kbit adsl remote pppoe-llc
                 class voip commit 100kbit pfifo
                   match udp ports 5060,10000:10100 # asterisk sip and rtp
                   match udp ports 16393:16402 # apple facetime

                 class realtime commit 10%
                   match tcp port 22,1195:1198,1723 # ssh, openvpn, pptp
                   match udp port 53 # dns
                   match proto GRE
                   match icmp
                   match tcp syn
                   match tcp ack

                 class clients commit 10%
                   match tcp port 20,21,25,80,143,443,465,873,993 # mail, web, ftp, etc

               # unmatched traffic goes here ('default' is a special name)
                 class default max 90%

               # I define torrents beneath the default class, so they slow
               # down when the default class is willing to get bandwidth
                 class torrents max 90%
                   match port 51414 # my torrent client

       This example uses server/client statements in a bidirectional interface.  Of course  match
       statements  can also be specified.  FireQOS will create 2 interfaces out of this: world-in
       and world-out.

                DEVICE=dsl0
                INPUT_SPEED="12000kbit"
                OUTPUT_SPEED="800kbit"
                LINKTYPE="adsl local pppoe-llc"

                # a few service definitions
                # all the rest that are used in this example
                # are defined by FireQOS
                server_netdata_ports="tcp/19999"
                server_rtp_ports="udp/10000:10100"
                server_openvpn_ports="any/1195:1198"
                server_mytorrent_ports="any/60000"
                server_mytorrenttransfers_ports="any/60001:64999"
                server_myssh_ports="tcp/2222"

                # League Of Legends game (yes! I have kids)
                server_lol_ports="udp/5000:5500 tcp/8393:8400,2099,5223,5222,8088"

                interface $DEVICE world bidirectional $LINKTYPE input rate $INPUT_SPEED output rate $OUTPUT_SPEED

                  class voip commit 100kbit pfifo
                    server sip
                    client sip
                    server rtp
                    client stun

                  class interactive input commit 20% output commit 10%
                    server icmp limit 50%

                    server dns
                    client dns

                    server ssh
                    client ssh

                    server myssh
                    client myssh

                    client teamviewer
                    client lol

                  class chat input commit 1000kbit output commit 30%
                    client facetime

                    server hangouts
                    client hangouts

                    client gtalk
                    client jabber

                  class vpns input commit 20% output commit 30%
                    server pptp
                    server GRE
                    server openvpn

                  class servers
                    server netdata
                    server http

                  # a class group to favor tcp handshake over transfers
                  class group surfing prio keep commit 5%
                    client surfing
                    client rsync

                    class synacks
                      match tcp syn
                      match tcp ack

                  class group end

                  class synacks commit 5%
                    match tcp syn
                    match tcp ack

                  class default

                  class background commit 4%
                    client torrents
                    server mytorrent
                    server mytorrenttransfers

SEE ALSO

       • fireqos(1) - FireQOS program

       • fireqos-interface(5) - QOS interface definition

       • fireqos-class(5) - QOS class definition

       • fireqos-match(5) - QOS traffic match

       • FireHOL Website (http://firehol.org/)

       • FireQOS Online PDF Manual (http://firehol.org/fireqos-manual.pdf)

       • FireQOS Online Documentation (http://firehol.org/documentation/)

       • tc(8) (http://lartc.org/manpages/tc.html) - show / manipulate traffic control settings

AUTHORS

       FireHOL Team.