> > > I'm a little confused about the CLEAR_TC parameter. I understand it > clears shaping rules when Shorewall starts but is it required to be a > particular value in either HTB scenario I mention? >
The CLEAR_TC=Yes causes Shorewall to clear all TC rules when Shorewall is started *or restarted*. So unless /etc/shorewall/tcstart recreates your HTB ruleset, you probably want CLEAR_TC=No. Otherwise, a "shorewall restart" will remove your traffic shaping configuration. TC_ENABLED simply enables processing of the /etc/shorewall/tcrules file and causes Shorewall to look for /etc/shorewall/tcstart (if that file doesn't exist, Shorewall doesn't complain). This allows the tcrules file to perform packet marking for reasons other than traffic shaping such as policy routing. In summary, if you want to configure traffic shaping independent of Shorewall, you definitely want CLEAR_TC=No. You can set ENABLE_TC=Yes if you want Shorewall to mark packets using fwmark independent of the setting of CLEAR_TC. Hope that makes it clearer. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline \ http://www.shorewall.net Washington, USA \ [EMAIL PROTECTED] ------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
