Hi, I can only point out one gotcha that I also ran into: On 1/19/07, Jim Duda <[EMAIL PROTECTED]> wrote: > I'm having troubles with my outbound VOIP connection. I'm convinced > that I don't have QOS/traffic shaping configured properly in my > shorewall linux firewall, which serves as my Asterisk VOIP server and > Internet router/gateway. I don't have a separate router box. I've been > > ... [cut] ... > > /etc/shorewall/tcrules: > 1 0.0.0.0/0 0.0.0.0/0 udp 4569 > 1 0.0.0.0/0 0.0.0.0/0 tcp 4569 > 1 0.0.0.0/0 0.0.0.0/0 udp 5060 > 1 0.0.0.0/0 0.0.0.0/0 tcp 5060 > 2 0.0.0.0/0 0.0.0.0/0 icmp echo-request > 2 0.0.0.0/0 0.0.0.0/0 icmp echo-reply > 3 0.0.0.0/0 0.0.0.0/0 tcp 20 > 3 0.0.0.0/0 0.0.0.0/0 tcp 21 > 3 0.0.0.0/0 0.0.0.0/0 tcp 22 > 4 0.0.0.0/0 0.0.0.0./0 all - - - !0
Since the traffic originates on the firewall, you need to specify $FW as the source in tcrules, or it won't mark the traffic. Hope that helps! ~David ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
