Good point. Is there any reason I shouldn't put my rules on the mangle POSTROUTING table and kill 2 birds with one rule?
$iptables -t mangle -A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 80 -j TOS --set-tos 0x08
You probably want this on the FORWARD chain to boost the performance of your actual client machines instead of just the firewall.