On Mon, Apr 27, 2009 at 10:32:05AM -0700, Fred Picher wrote: > I'd like to use DSCP marking on incoming packets and since I'm using > Shorewall, I thought of making an addition. I must say I haven't tried DSCP > marking yet, but it looks supported by Netfilter using a dedicated DCSP > target since quite some time. > > eg.: > > iptables -t mangle -A FORWARD -p tcp --dport 80 -j DSCP --set-dscp 1 > > So, in order to size the task at hand I thought about asking here if anyone > has already tried adding DSCP before and if so, what was the experience ? Or > any other background information on marking packets in such a way. > > Thanks for any suggestion/hint/info.
We were about to try and add the same thing here. We haven't looked into where in shorewall it would fit yet. I figure being able to make rules that mark the DSCP/tos field on incoming packets before any tc rules are applied, as well as marking outbound packets based on how tc rules marked the packets would both be useful. -- Len Sorensen ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensign option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
