Shorewall Guy wrote: > Grant wrote: >>> If you are running servers (including SSHD), your rules are not good at >>> all since they categorize traffic only by DEST PORT. Responses from >>> servers need to be categorized by SOURCE PORT. >> I've been trying to get my mind around this but I can't seem to. >> Responses from my servers will have a DEST PORT too right? That won't >> work for classification? > > It's disheartening to have to explain the very basic principles of > sockets to people but here goes.
I've added Shorewall Guy's writeup to the traffic shaping page under the description of the tcrules file (and I've corrected his typos ;-) ) -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peasefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
