From: Sorin Panca <sorin.panca@gmail.com>
To: netfilter@lists.netfilter.org
Subject: Re: How would this help my LAN / network
Date: Fri, 07 Oct 2005 18:16:14 +0300 [thread overview]
Message-ID: <4346913E.6070501@gmail.com> (raw)
In-Reply-To: <4346866D.8080900@eccotours.dyndns.org>
Brent Clark wrote:
> HI all
>
> I just came across one of the threads on the LARTC.
> In the thread it had this.
>
> So my question is, for the following rules, would these increase my
> browsing / traffic, and if so, how.
>
Small packets and control pachets should have priority because they
carry intrractive traffic.
> iptables -t mangle -A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST,ACK
> ACK -m length --length 0:128 -j TOS --set-tos Minimize-Delay
Large packets are for upload or download. They can wait until people
open their html pages. Some p2p applications are ill-behaved and they
send large control packets for carrying payloads.
> iptables -t mangle -A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST,ACK
> ACK -m length --length 128: -j TOS --set-tos Maximize-Throughput
Port 20 = ftp-data is the data channel in ftp transactions. We have file
transfer in that channel.
> iptables -t mangle -A PREROUTING -p tcp -m tcp --sport 20 -j TOS
> --set-tos Maximize-Throughput
Port 21 - ftp is the ftp control channel. when you stop a transfer or
acknoledge something you need the program to respond at your action very
quick.
> iptables -t mangle -A PREROUTING -p tcp -m tcp --sport 21 -j TOS
> --set-tos Minimize-Delay
Port 22 - ssh: when you remotely manage a computer, and if you press a
key on your keyboard, the letter must appear almost when you press the key.
> iptables -t mangle -A PREROUTING -p tcp -m tcp --sport 22 -j TOS
> --set-tos Minimize-Delay
Port 53 - domain: when someone is browsing the Internet and waits for a
page to load, the Internet must translate quick the site address in the
IP address, so the user waits less for the page to start to load.
> iptables -t mangle -A PREROUTING -p udp -m udp --sport 53 -j TOS
> --set-tos Maximize-Throughput
Port 80 - http: this is from where the pages come and the requests for
them go. The system must respond quickly (we have fast computers these
days, don't we?)
> iptables -t mangle -A PREROUTING -p tcp -m tcp --sport 80 -j TOS
> --set-tos Maximize-Throughput
( I don't know this port and i am too lazy to open /etc/services)
> iptables -t mangle -A PREROUTING -p udp -m udp --sport 123 -j TOS
> --set-tos Minimize-Delay
Where are https, irc, messengers... ?
>
> If someone would take the time to briefly explain this to me, I would be
> most grateful.
>
> Kind Regards
> Brent Clark
>
>
next prev parent reply other threads:[~2005-10-07 15:16 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-07 14:30 How would this help my LAN / network Brent Clark
2005-10-07 15:16 ` Sorin Panca [this message]
2005-10-07 16:08 ` Brent Clark
2005-10-07 16:21 ` Rob Sterenborg
2005-10-07 16:40 ` Sorin Panca
2005-10-07 16:45 ` Gregory G Carter
2005-10-07 17:12 ` John A. Sullivan III
2005-10-07 17:36 ` Sorin Panca
2005-10-07 16:36 ` Brent Clark
2005-10-07 17:21 ` Sorin Panca
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4346913E.6070501@gmail.com \
--to=sorin.panca@gmail.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox