Re: [Shorewall-users] Qos and VOIP

Fri, 14 Dec 2007 16:23:13 -0800 

 


Mike wrote:

> Tom
>       Following your logic above would be:
> 2:11       $FW                eth0                    udp     1194
> 3:11       $FW                tun1                    udp     1194

> tun1 is the third interface listed in tcdevices

Mike,

Please don't post your reply below the "--". Most mailers delete that part
of the post when replying.

Your rule for tun1 is silly; no udp 1194 traffic will go THROUGH the tunnel.
That protocol/port is used to carry the tunneled traffic itself.

-Tom




Then would this make sense:
<snip from mangle>
Chain tcpost (1 references)
 pkts bytes target     prot opt in     out     source
destination         
  436 20588 CLASSIFY   all  --  *      *       10.19.227.18
0.0.0.0/0           CLASSIFY set 3:11 
  284 34640 CLASSIFY   udp  --  *      eth1    0.0.0.0/0
0.0.0.0/0           multiport dports 7788 CLASSIFY set 2:11 
    3   258 CLASSIFY   all  --  *      *       10.19.227.4
10.194.79.55        CLASSIFY set 3:11 
    3   258 CLASSIFY   all  --  *      *       10.19.227.4
10.194.79.55        CLASSIFY set 3:11 
    0     0 CLASSIFY   all  --  *      *       10.192.139.240
0.0.0.0/0           CLASSIFY set 2:11 


3:11       10.19.227.18         0.0.0.0/0               ALL   -----any thing
destin from voip box to anywhere through tun1
        
gets a packet mark of '1' 
2:11       $FW                  eth1                   udp      7788 ---note
not 1194



#INTERFACE      IN-BANDWITH     OUT-BANDWIDTH
eth0    3000kbit        1152kbit
eth1    768kbit         768kbit
tun1    768kbit         768kbit
tun2    768kbit         768kbit

#INTERFACE      MARK    RATE    CEIL    PRIORITY        OPTIONS
eth0            1       full            full            1  
eth0            2       full/4          full            2 
eth0            3       full/4          full            3  default
eth0            4       full/8          full*8/10       4
#
#
eth1            1       full            full            1 
eth1            2       full/4          full            2 
eth1            3       full/4          full            3  default
eth1            4       full/8          full*8/10       4
##
#
tun1            1       full            full            1 
tun1            2       full/4          full            2  default
tun1            3       full/8          full*8/10       3  
#
tun2            1       full            full            1 
tun2            2       full/4          full            2 default
tun2            3       full/8          full*8/10       3  
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE





-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to