>> What is the difference between the priority you introduce with your >> patch and the PRIORITY column in tcclasses? How is the priority of >> classes described in tcrules determined then, if it is not the one >> defined in the PRIORITY column in tclcasses? > > The priority of filter rules determines the order in which they are > evaluated. This priority is involved in classifying packets. If no rule > of priority 1 classifies the packet then the rule(s) at priority 2 (if > any) are evaluated. If the packet is still not classified then the rules > at priority 3 (if any) are evaluated. > > Once the packet is classified and assigned to a class, then the class's > priority determines the service given to the packet. Call me thick, but I still don't get it!
Where do you currently use the priority specified in the PRIORITY column in tcclasses? Am I right in assuming that this is a different "priority" which is present in the tc statements, which you just added in your patch (to be specified in tcfilters)? Also, how is the priority for outgoing packets determined (those that are defined in tcrules)? The reason I am asking this is because there will be the same scenario for possible multiple matches as I described in my initial post, so how is this dealt with currently in shorewall? ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
