Mike wrote: > Something is weird with this mail client.. had to copy & paste > > Mike wrote: > I have tried the following for some test until Glenn and I try passing Tos > bit through openvpn with the passtos directive which seems to be supported > now with openvpn. In my case here there is traffic from > 10.19.227.18 which is a pbs phone box with h323 udp traffic for voip and > Remote Desktop 3389 no other traffic but these two above. > When you state "And you probably also want to give the open VPN traffic > itself (usually UDP 1194) a boost on the external interface." > Would the two rules work below > 2:11 10.19.227.18 0.0.0.0/0 ALL > 3:11 10.19.227.18 0.0.0.0/0 ALL > I think Tom is referring to openvpn traffic carried on port 1194 between the firewalls. That source would be the external interface and not the phone box. I'm not quite up-to-date on the Qos stuff, but I think the rule would look like: 2:11 $FW 0.0.0.0/0 udp 1194 3:11 $FW 0.0.0.0/0 udp 1194
Jerry ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
