Re: How would this help my LAN / network

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Sorin Panca wrote:


Small packets and control pachets should have priority because they
carry intrractive traffic.


HI

I just had this other Idea,

I have a few services running in my private LAN, - Rules as so:

# To allow PPL to see PORT 80 and 443 for a particular webserver
$IPT -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.111.11:80
$IPT -t filter -A FORWARD -i eth0 -p tcp --dport 80 -d 192.168.111.11 -j ACCEPT
$IPT -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to 192.168.111.11:443
$IPT -t filter -A FORWARD -i eth0 -p tcp --dport 443 -d 192.168.111.11 -j ACCEPT

# TO ALLOW SMTP
$IPT -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to 192.168.111.11:25
$IPT -t filter -A FORWARD -i eth0 -p tcp --dport 25 -d 192.168.111.11 -j ACCEPT

Can / should I use this following to help my internal web / mail server.

$IPT -t mangle -A PREROUTING -p tcp -m tcp --sport 80 -j TOS --set-tos Maximize-Throughput
$IPT -t mangle -A PREROUTING -p tcp -m tcp --sport 25 -j TOS --set-tos Maximize-Throughput

Just something I was thinking.

Kind Regards
Brent Clark
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux