Hi! On Wed, 13 Aug 2003 12:01:16 +0200 Henning Brauer <[EMAIL PROTECTED]> wrote:
> there are various people now asking for a possibility to set the tos. > I tend to think it makes sense. > not sure about the syntax tho. >From my point of view it fits into the scrub scheme. Adding it to each rule (like flags, keep state, ...) would just pollute the rules. Same is true for the no-df, min-ttl, random-id, max-mss, ... options. >From my point of view setting TOS values should be independent of actual rules. Imagine the following set of rules: pass out quick on $ext_if proto icmp from $internal to any keep state pass in quick on $ext_if proto icmp all keep state You'd have to add the tos statement to both rules in case you want the replies to incoming icmp echo request packets to be passed out with a tos flag set. OTOH scrub out on $ext_if proto udp from any to $nameservers tos lowdelay would be the way I'd implement it. Hendrik -- Hendrik Scholz - <[EMAIL PROTECTED]> - http://raisdorf.net/ drag me, drop me - treat me like an object