Configuring a Firewall to prefer certain traffic...
David A. Sinck
plug-discuss@lists.PLUG.phoenix.az.us
Mon, 30 Apr 2001 08:21:08 -0700
\_ SMTP quoth der.hans on 4/30/2001 00:39 as having spake thusly:
\_
\_ > Is it possible to configure a linux firewall to prefer traffic from a
\_ > certain host? In other words, if you have 2 hosts on a network, and
\_ > one is doing a download, if the second one starts something up, it
\_ > will *NOT* be affected by the download on the first box, but the first
\_ > box's traffic will slow down to allow the second one through?
\_
\_ # Speed up telnet and ssh connects
\_ # ipchains -A ext-in -p TCP -s 0/0 23 -t 0x01 0x10
\_ # ipchains -A ext-out -p TCP -d 0/0 23 -t 0x01 0x10
\_ ipchains -A ext-in -p TCP -s 0/0 22 -t 0x01 0x10
\_ ipchains -A ext-out -p TCP -d 0/0 22 -t 0x01 0x10
Golly, telnet isn't sped up? Why not? :-)
In addition to these fun fun rules, you can also tweak ftp to send
packets as large as possible (IIRC).
Also, there's a 'shaper' module that I've seen go buy on various
kernel installs/builds. YMMV.
David