I have the following for a site with VOIP and a pretty narrow outbound pipe. I have no idea if it is ideal. To me, the most critical setting is TCDEVICES. If you can tweak this while the line is being heavily utilized, you can set this progressively lower until there is a dramatic reduction in latency (which I simply use response in my remote SSH session to determine). Not scientific, but it seems to work for me. For the rest of it, I relied heavily on shorewall.net and Tom's examples.
- Bob shorewall.conf: TC_ENABLED=Internal TCRULES ======= 1 0.0.0.0/0 0.0.0.0/0 tcp 53 1 0.0.0.0/0 0.0.0.0/0 udp 53 #Normal Traffic - probably not needed as is default. 3 0.0.0.0/0 0.0.0.0/0 all #Phones 2 192.168.21.50/0 0.0.0.0/0 all 2 192.168.21.52/0 0.0.0.0/0 all #Guest System 4 192.168.21.53 0.0.0.0/0 all #SMTP 4 0.0.0.0/0 0.0.0.0/0 tcp 25 TCDEVICES: ========= ppp0 0kbit 500kbit TCCLASSES ========= #DNS ppp0 1 5*full/100 75*full/100 1 tcp-ack,tos-minimize-delay #Phones ppp0 2 80*full/100 full 2 tos-minimize-delay ##Normal ppp0 3 10*full/100 90*full/100 3 default #Limited ppp0 4 5*full/100 75*full/100 4 ------------------------------------------------------------------------------ Own the Future-Intel(R) Level Up Game Demo Contest 2013 Rise to greatness in Intel's independent game demo contest. Compete for recognition, cash, and the chance to get your game on Steam. $5K grand prize plus 10 genre and skill prizes. Submit your demo by 6/6/13. http://altfarm.mediaplex.com/ad/ck/12124-176961-30367-2 _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
