1SHOREWALL-TCPRI(5) Configuration Files SHOREWALL-TCPRI(5)
2
6 tcpri - Shorewall file
7
9 /etc/shorewall[6]/tcpri
10
12 This file is used to specify the priority of traffic for simple traffic
13 shaping (TC_ENABLED=Simple in shorewall.conf[1](5)). The priority band
14 of each packet is determined by the last entry that the packet matches.
15 If a packet doesn't match any entry in this file, then its priority
16 will be determined by its TOS field. The default mapping is as follows
17 but can be changed by setting the TC_PRIOMAP option in
18 shorewall.conf[1](5).
19 TOS Bits Means Linux Priority BAND
21 ------------------------------------------------------------
22 0x0 0 Normal Service 0 Best Effort 2
23 0x2 1 Minimize Monetary Cost 1 Filler 3
24 0x4 2 Maximize Reliability 0 Best Effort 2
25 0x6 3 mmc+mr 0 Best Effort 2
26 0x8 4 Maximize Throughput 2 Bulk 3
27 0xa 5 mmc+mt 2 Bulk 3
28 0xc 6 mr+mt 2 Bulk 3
29 0xe 7 mmc+mr+mt 2 Bulk 3
30 0x10 8 Minimize Delay 6 Interactive 1
31 0x12 9 mmc+md 6 Interactive 1
32 0x14 10 mr+md 6 Interactive 1
33 0x16 11 mmc+mr+md 6 Interactive 1
34 0x18 12 mt+md 4 Int. Bulk 2
35 0x1a 13 mmc+mt+md 4 Int. Bulk 2
36 0x1c 14 mr+mt+md 4 Int. Bulk 2
37 0x1e 15 mmc+mr+mt+md 4 Int. Bulk 2
38 The columns in the file are as follows.
40 BAND - {1|2|3}
42 Classifies matching traffic as High Priority (1), Medium Priority
43 (2) or Low Priority (3). For those interfaces listed in
44 shorewall-tcinterfaces[2](5), Priority 2 traffic will be deferred
45 so long and there is Priority 1 traffic queued and Priority 3
46 traffic will be deferred so long as there is Priority 1 or Priority
47 2 traffic to send.
48 PROTO - protocol[,...]
50 Optional. The name or number of an IPv4 protocol.
51 Beginning with Shorewall 4.5.12, this column can accept a
53 comma-separated list of protocols.
54 PORT(S) - port [,...]
56 Optional. May only be given if the the PROTO is TCP (6), UDP (17),
57 DCCP (33), SCTP (132) or UDPLITE (136). A list of one or more port
58 numbers or service names from /etc/services. Port ranges of the
59 form lowport:highport may also be included.
60 ADDRESS - [address]
62 Optional. The IP or MAC address that the traffic originated from.
63 MAC addresses must be given in Shorewall format. If this column
64 contains an address, then the PROTO, PORT(S) and INTERFACE column
65 must be empty ("-").
66 INTERFACE - [interface]
68 Optional. The logical name of an interface that traffic arrives
69 from. If given, the PROTO, PORT(S) and ADDRESS columns must be
70 empty ("-").
71 Note
73 INTERFACE classification of packets occurs before
74 classification by PROTO/PORT(S)/ADDRESS. So it is highly
75 recommended to place entries that specify INTERFACE at the top
76 of the file so that the rule about last entry matches is
77 preserved.
78 HELPER - [helper]
80 Optional. Names a Netfilter protocol helper module such as ftp,
81 sip, amanda, etc. A packet will match if it was accepted by the
82 named helper module. You can also append "-" and a port number to
83 the helper module name (e.g., ftp-21) to specify the port number
84 that the original connection was made on.
85
87 /etc/shorewall/tcpri
88 /etc/shorewall6/tcpri
90
92 http://www.shorewall.net/configuration_file_basics.htm#Pairs[3]
93 prio(8), shorewall(8)
95
97 1. shorewall.conf
98 http://www.shorewall.net/manpages/shorewall.conf.html
99 2. shorewall-tcinterfaces
101 http://www.shorewall.net/manpages/shorewall-tcinterfaces.html
102 3. http://www.shorewall.net/configuration_file_basics.htm#Pairs
104 http://www.shorewall.net/configuration_file_basics.htm#Pairs
105Configuration Files 01/17/2019 SHOREWALL-TCPRI(5)