On Fri, 19 Sep 2003, Mickael DILY wrote: > I would like to add the following line to my firewall > iptables -A PREROUTING -t mangle -p tcp --sport ssh -j TOS --set-tos\ > Minimize-Delay > iptables -A PREROUTING -t mangle -p tcp --sport ftp -j TOS --set-tos\ > Minimize-Delay > iptables -A PREROUTING -t mangle -p tcp --sport ftp -j TOS --set-tos\ > Maximize-Throughput I thought you could set only one type of service on a packet. Did you perhaps mean "--sport http" in the middle line? Though given the bloated advertisement-crammed web pages we often see, maybe "Maximize-Throughput" would be more appropriate (just joking; each advt. needs a separate connection and so "Minimize-Delay" is what you want.) > When i do this, nothing tells me if it is good or bad. I presume it is good. > But, when i list my iptables, i see nothing in the rule PREROUTING. > I think it is not normal. Where do i bug ? Did you actually list the mangle table with all the special arguments? E.g. "iptables -t mangle -L -v". James F. Carter Voice 310 825 2897 FAX 310 206 6673 UCLA-Mathnet; 6115 MSA; 405 Hilgard Ave.; Los Angeles, CA, USA 90095-1555 Email: jimc@xxxxxxxxxxxxx http://www.math.ucla.edu/~jimc (q.v. for PGP key)
