1SHOREWALL-TCPRI(5)            Configuration Files           SHOREWALL-TCPRI(5)
2
3
4

NAME

6       tcpri - Shorewall file
7

SYNOPSIS

9       /etc/shorewall[6]/tcpri
10

DESCRIPTION

12       This file is used to specify the priority of traffic for simple traffic
13       shaping (TC_ENABLED=Simple in shorewall.conf[1](5)). Beginning with
14       Shorewall 5.2.7, the file allows ?FORMAT 2 which inserts a SPORT column
15       immediately to the right of the DPORT column.
16
17       The priority band of each packet is determined by the last entry that
18       the packet matches. If a packet doesn't match any entry in this file,
19       then its priority will be determined by its TOS field. The default
20       mapping is as follows but can be changed by setting the TC_PRIOMAP
21       option in shorewall.conf[1](5).
22
23           TOS     Bits  Means                    Linux Priority    BAND
24           ------------------------------------------------------------
25           0x0     0     Normal Service           0 Best Effort     2
26           0x2     1     Minimize Monetary Cost   1 Filler          3
27           0x4     2     Maximize Reliability     0 Best Effort     2
28           0x6     3     mmc+mr                   0 Best Effort     2
29           0x8     4     Maximize Throughput      2 Bulk            3
30           0xa     5     mmc+mt                   2 Bulk            3
31           0xc     6     mr+mt                    2 Bulk            3
32           0xe     7     mmc+mr+mt                2 Bulk            3
33           0x10    8     Minimize Delay           6 Interactive     1
34           0x12    9     mmc+md                   6 Interactive     1
35           0x14    10    mr+md                    6 Interactive     1
36           0x16    11    mmc+mr+md                6 Interactive     1
37           0x18    12    mt+md                    4 Int. Bulk       2
38           0x1a    13    mmc+mt+md                4 Int. Bulk       2
39           0x1c    14    mr+mt+md                 4 Int. Bulk       2
40           0x1e    15    mmc+mr+mt+md             4 Int. Bulk       2
41
42       The columns in the file are as follows.
43
44       BAND - {1|2|3}
45           Classifies matching traffic as High Priority (1), Medium Priority
46           (2) or Low Priority (3). For those interfaces listed in
47           shorewall-tcinterfaces[2](5), Priority 2 traffic will be deferred
48           so long and there is Priority 1 traffic queued and Priority 3
49           traffic will be deferred so long as there is Priority 1 or Priority
50           2 traffic to send.
51
52       PROTO - protocol[,...]
53           Optional. The name or number of an IPv4 protocol.
54
55           Beginning with Shorewall 4.5.12, this column can accept a
56           comma-separated list of protocols.
57
58       DPORT - port [,...]
59           This column was named PORT prior to Shorewall 5.2.7. Both 'port'
60           and 'dport' may be used in the alternate input format[3].
61
62           Optional. May only be given if the the PROTO is TCP (6), UDP (17),
63           DCCP (33), SCTP (132) or UDPLITE (136). A list of one or more port
64           numbers or service names from /etc/services. Port ranges of the
65           form lowport:highport may also be included. In format 1, packets
66           whose source or destination port matches the specified port(s) are
67           assigned to the band given in the BAND column.
68
69       SPORT - port [,...]
70           Only present in file format 2. Optional. May only be given if the
71           the PROTO is TCP (6), UDP (17), DCCP (33), SCTP (132) or UDPLITE
72           (136). A list of one or more port numbers or service names from
73           /etc/services. Port ranges of the form lowport:highport may also be
74           included.
75
76       ADDRESS - [address]
77           Optional. The IP or MAC address that the traffic originated from.
78           MAC addresses must be given in Shorewall format. If this column
79           contains an address, then the PROTO, PORT(S) and INTERFACE column
80           must be empty ("-").
81
82       INTERFACE - [interface]
83           Optional. The logical name of an interface that traffic arrives
84           from. If given, the PROTO, PORT(S) and ADDRESS columns must be
85           empty ("-").
86
87               Note
88               INTERFACE classification of packets occurs before
89               classification by PROTO/PORT(S)/ADDRESS. So it is highly
90               recommended to place entries that specify INTERFACE at the top
91               of the file so that the rule about last entry matches is
92               preserved.
93
94       HELPER - [helper]
95           Optional. Names a Netfilter protocol helper module such as ftp,
96           sip, amanda, etc. A packet will match if it was accepted by the
97           named helper module. You can also append "-" and a port number to
98           the helper module name (e.g., ftp-21) to specify the port number
99           that the original connection was made on.
100

FILES

102       /etc/shorewall/tcpri
103
104       /etc/shorewall6/tcpri
105

SEE ALSO

107       https://shorewall.org/configuration_file_basics.htm#Pairs[3]
108
109       prio(8), shorewall(8)
110

NOTES

112        1. shorewall.conf
113           https://shorewall.org/manpages/shorewall.conf.html
114
115        2. shorewall-tcinterfaces
116           https://shorewall.org/manpages/shorewall-tcinterfaces.html
117
118        3. alternate input format
119           https://shorewall.org/configuration_file_basics.htm#Pairs
120
121
122
123Configuration Files               09/24/2020                SHOREWALL-TCPRI(5)
Impressum