From: Sorin Panca <sorin.panca@gmail.com>
To: netfilter@lists.netfilter.org
Subject: Re: How would this help my LAN / network
Date: Fri, 07 Oct 2005 18:16:14 +0300 [thread overview]
Message-ID: <4346913E.6070501@gmail.com> (raw)
In-Reply-To: <4346866D.8080900@eccotours.dyndns.org>
Brent Clark wrote:
> HI all
>
> I just came across one of the threads on the LARTC.
> In the thread it had this.
>
> So my question is, for the following rules, would these increase my
> browsing / traffic, and if so, how.
>
Small packets and control pachets should have priority because they
carry intrractive traffic.
> iptables -t mangle -A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST,ACK
> ACK -m length --length 0:128 -j TOS --set-tos Minimize-Delay
Large packets are for upload or download. They can wait until people
open their html pages. Some p2p applications are ill-behaved and they
send large control packets for carrying payloads.
> iptables -t mangle -A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST,ACK
> ACK -m length --length 128: -j TOS --set-tos Maximize-Throughput
Port 20 = ftp-data is the data channel in ftp transactions. We have file
transfer in that channel.
> iptables -t mangle -A PREROUTING -p tcp -m tcp --sport 20 -j TOS
> --set-tos Maximize-Throughput
Port 21 - ftp is the ftp control channel. when you stop a transfer or
acknoledge something you need the program to respond at your action very
quick.
> iptables -t mangle -A PREROUTING -p tcp -m tcp --sport 21 -j TOS
> --set-tos Minimize-Delay
Port 22 - ssh: when you remotely manage a computer, and if you press a
key on your keyboard, the letter must appear almost when you press the key.
> iptables -t mangle -A PREROUTING -p tcp -m tcp --sport 22 -j TOS
> --set-tos Minimize-Delay
Port 53 - domain: when someone is browsing the Internet and waits for a
page to load, the Internet must translate quick the site address in the
IP address, so the user waits less for the page to start to load.
> iptables -t mangle -A PREROUTING -p udp -m udp --sport 53 -j TOS
> --set-tos Maximize-Throughput
Port 80 - http: this is from where the pages come and the requests for
them go. The system must respond quickly (we have fast computers these
days, don't we?)
> iptables -t mangle -A PREROUTING -p tcp -m tcp --sport 80 -j TOS
> --set-tos Maximize-Throughput
( I don't know this port and i am too lazy to open /etc/services)
> iptables -t mangle -A PREROUTING -p udp -m udp --sport 123 -j TOS
> --set-tos Minimize-Delay
Where are https, irc, messengers... ?
>
> If someone would take the time to briefly explain this to me, I would be
> most grateful.
>
> Kind Regards
> Brent Clark
>
>
next prev parent reply other threads:[~2005-10-07 15:16 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-07 14:30 How would this help my LAN / network Brent Clark
2005-10-07 15:16 ` Sorin Panca [this message]
2005-10-07 16:08 ` Brent Clark
2005-10-07 16:21 ` Rob Sterenborg
2005-10-07 16:40 ` Sorin Panca
2005-10-07 16:45 ` Gregory G Carter
2005-10-07 17:12 ` John A. Sullivan III
2005-10-07 17:36 ` Sorin Panca
2005-10-07 16:36 ` Brent Clark
2005-10-07 17:21 ` Sorin Panca
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4346913E.6070501@gmail.com \
--to=sorin.panca@gmail.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.