On Sat, 23 Jul 2016 08:22:02 -0700
Tom Eastep wrote:
> On 07/20/2016 02:21 PM, jonetsu wrote:
> > Hello,
> >
> > Some time ago I did a user interface for DSCP marking, taking the
> > documentation from the tcrules of that time, in which it was
> > mentioned that the
On Tue, 11 Aug 2015 08:54:30 -0700
Tom Eastep teas...@shorewall.net wrote:
The attached patch applies with an offset.
Thanks, works fine ! Is there a need to patch shorewall6 also ?
--
On Sat, 08 Aug 2015 10:22:23 -0700
Tom Eastep teas...@shorewall.net wrote:
On 08/07/2015 12:27 PM, jonetsu wrote:
Would this be a bug ? It looks like the parsing for the presence of
the routeback option does not take into account the value.
Looks like a bug.
Would there be any chance
Hello,
To DSCP-mark the packets of a tunnel (not the packets inside) then
the egress interface by which the tunnel is going would be added to TC
as a device, a default TC class created, then a single rule with
whichever DSCP value configured, basically. Does this sound OK ? Is
there any catch
Hello,
Is there support within Shorewall for applying QoS to GRE ? Looks
like a popular way of doing that is be the use of a so-called
pre-classify option. Is there an equivalent in Linux or, any other way
to apply QoS to GRE ?
I've read somewhere the following although Im not sure what is
On Tue, 18 Nov 2014 18:54:23 -0800
Tom Eastep teas...@shorewall.net wrote:
On 11/18/2014 1:33 AM, jone...@teksavvy.com wrote:
On Mon, 17 Nov 2014 18:49:59 -0800
Tom Eastep teas...@shorewall.net wrote:
On 11/17/2014 6:32 PM, jone...@teksavvy.com wrote:
Yes. This is described
On Mon, 17 Nov 2014 18:49:59 -0800
Tom Eastep teas...@shorewall.net wrote:
On 11/17/2014 6:32 PM, jone...@teksavvy.com wrote:
Yes. This is described in the SFQ algorithm. And it happens
exactly like it is described, eg. each 10 seconds. Each 10 seconds
the SFQ algorithm will perturb
On Mon, 17 Nov 2014 16:59:46 -0800
Tom Eastep teas...@shorewall.net wrote:
On 11/17/2014 3:09 PM, jone...@teksavvy.com wrote:
Hello,
UDP packets are re-ordered when using QoS. QoS is using HTB
although as far as I understand it, the output of the HTB is given
to SFQs and there a re
Hello,
Although by its nature IPv6 renders nat obsolete, it seems that in
practice many small setups prefers to use NAT instead of an extended
(seemingly too complicated) IPv6 proper configuration. I was told that
a recent ip6tables now supports NAT. If this is true, will there be
also IPv6
Hello,
Thanks for your preceeding two replies - much appreciated !
I have three questions regarding running an IPv6 configuration which
could surely benefit from your experience, since they are not directly
related to Shorewall, but happens when using the IPv6 portion.
1) When shorewall6 is
Hello. Using Shorewall6 4.5.5.3 (Debian) and having the firewall
config files in /tmp/shorewall6/ I get: 'ERROR: Missing Action
File (/tmp/shorewall6/action.DropSmurfs)'. But I did not ask for
any smurf actions to be taken.
This is a very simple test firewall. Interfaces has no options
Hello,
For advanced TC, only tcrules can be different regarding IPv4/IPv6
because tcrules can contain IP addresses. So far, what I observed is
that an IPv6 rule must be processed by shorewall6. Which would make
sense. What I'm not sure about though, is that the 'IPv6 Support' says
that when
12 matches
Mail list logo