--On Monday, November 25, 2002 8:12 PM +0100 Sebastian 'spax' Pape
<[EMAIL PROTECTED]> wrote:
> Are these TOS-values standard for ssh and scp or do all
> ssh/scp-clients use the values they like? I searched the net, but
> haven't found anything usefull, yet.
Good question. In general, is there a
hi Martin,
I found almost the same except that my ssh-packets didn't have their
TOS-value set.
> So, one *should* be able to do something like this:
>
> # iptables -t filter -A FORWARD -m tos --tos 0x08 -j scpchain
> # iptables -t filter -A FORWARD -m tos --tos 0x10 -j sshchain
That's almost the
On Mon, 25 Nov 2002, Robert Penz wrote:
> could you please tell me how you match ssh and not scp with iptables?
I did almost the same as Martin suggested:
| So, one *should* be able to do something like this:
|
| # iptables -t filter -A FORWARD -m tos --tos 0x08 -j scpchain
| # iptables -t filte
Hello,
It's nice but ...
When I make ssh connection, it has tos 0x10. It's Ok.
When I use ssh with any commands, than tos is 0x8. (e.i ssh user@host su)
And little trick to end...
When I make ssh tunnel, it has tos 0x10 and so I can push data with
minimum delay tos.
I think that there is only poss
For posterity:
Data gathered with the following tcpdump command:
# tcpdump -nnqti eth0 port 22 and host y.y.y.y
ssh session:
x.x.x.x.48101 > y.y.y.y.22: tcp 48 (DF) [tos 0x10]
y.y.y.y.22 > x.x.x.x.48101: tcp 0 (DF)
y.y.y.y.22 > x.x.x.x.48101: tcp 48 (DF) [tos 0x10]
y.y.y.y.22 > x.x.x.x.4810
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Monday 25 November 2002 20:12, Sebastian 'spax' Pape wrote:
> I watched some packets with tcpdump and it also seems that scp packets
> all have the Maximize-Throughput 8 (0x08) TOS value, but all "pure
> ssh" packets have Normal-Service 0 (0x00). It
Hi,
You are out of luck here. There is no distinction between ssh and scp
at IP, TCP or the application layer for that matter. Basically scp is
a wrapper which uses ssh as the transfer method...
Ramin
On Mon, Nov 25, 2002 at 08:12:07PM +0100, Sebastian 'spax' Pape wrote:
> hi!
>
> I'd like to
hi!
I'd like to priorize ssh traffic, but of course I don't like scp to
get priorized, too. In the "actual script" of the howto priorization
is done with this:
| # TOS Minimum Delay (ssh, NOT scp) in 1:10:
| tc filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \
| match ip tos 0x10 0xff