'\" t .\" Title: shorewall-tcinterfaces .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.79.1 .\" Date: 09/24/2020 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" .TH "SHOREWALL\-TCINTERFA" "5" "09/24/2020" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" tcinterfaces \- Shorewall file .SH "SYNOPSIS" .HP \w'\fB/etc/shorewall[6]/tcinterfaces\fR\ 'u \fB/etc/shorewall[6]/tcinterfaces\fR .SH "DESCRIPTION" .PP This file lists the interfaces that are subject to simple traffic shaping\&. Simple traffic shaping is enabled by setting TC_ENABLED=Simple in \m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[1]\d\s+2(5)\&. .PP A note on the \fIbandwidth\fR definition used in this file: .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} don\*(Aqt use a space between the integer value and the unit: 30kbit is valid while 30 kbit is not\&. .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} you can use one of the following units: .PP \fBkbps\fR .RS 4 Kilobytes per second\&. .RE .PP \fBmbps\fR .RS 4 Megabytes per second\&. .RE .PP \fBkbit\fR .RS 4 Kilobits per second\&. .RE .PP \fBmbit\fR .RS 4 Megabits per second\&. .RE .PP \fBbps\fR or \fBnumber\fR .RS 4 Bytes per second\&. .RE .PP k or kb .RS 4 Kilo bytes\&. .RE .PP m or mb .RS 4 Megabytes\&. .RE .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} Only whole integers are allowed\&. .RE .PP The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in the alternate specification syntax)\&. .PP \fBINTERFACE\fR .RS 4 The logical name of an interface\&. If you run both IPv4 and IPv6 Shorewall firewalls, a given interface should only be listed in one of the two configurations\&. .RE .PP \fBTYPE\fR \- [\fBexternal\fR|\fBinternal\fR] .RS 4 Optional\&. If given specifies whether the interface is \fBexternal\fR (facing toward the Internet) or \fBinternal\fR (facing toward a local network) and enables SFQ flow classification\&. .RE .PP \fBIN\-BANDWIDTH (in_bandwidth)\fR \- {\-|\fIbandwidth\fR[:\fIburst\fR]|~\fIbandwidth\fR[:\fIinterval\fR:\fIdecay_interval\fR]} .RS 4 The incoming \fIbandwidth\fR of that interface\&. Please note that you are not able to do traffic shaping on incoming traffic, as the traffic is already received before you could do so\&. But this allows you to define the maximum traffic allowed for this interface in total, if the rate is exceeded, the packets are dropped\&. You want this mainly if you have a DSL or Cable connection to avoid queuing at your providers side\&. .sp If you don\*(Aqt want any traffic to be dropped, set this to a value to zero in which case Shorewall will not create an ingress qdisc\&.Must be set to zero if the REDIRECTED INTERFACES column is non\-empty\&. .sp The optional burst option was added in Shorewall 4\&.4\&.18\&. The default \fIburst\fR is 10kb\&. A larger \fIburst\fR can help make the \fIbandwidth\fR more accurate; often for fast lines, the enforced rate is well below the specified \fIbandwidth\fR\&. .sp What is described above creates a rate/burst policing filter\&. Beginning with Shorewall 4\&.4\&.25, a rate\-estimated policing filter may be configured instead\&. Rate\-estimated filters should be used with Ethernet adapters that have Generic Receive Offload enabled by default\&. See \m[blue]\fBShorewall FAQ 97a\fR\m[]\&\s-2\u[2]\d\s+2\&. .sp To create a rate\-estimated filter, precede the bandwidth with a tilde ("~")\&. The optional interval and decay_interval determine how often the rate is estimated and how many samples are retained for estimating\&. Please see \m[blue]\fBhttp://ace\-host\&.stuart\&.id\&.au/russell/files/tc/doc/estimators\&.txt\fR\m[] for details\&. If not specified, the default \fIinterval\fR is 250ms and the default \fIdecay_interval\fR is 4sec\&. .RE .PP OUT\-BANDWIDTH (out_bandwidth) \- [\fIrate\fR[:[\fIburst\fR][:[\fIlatency\fR][:[\fIpeek\fR][:[\fIminburst\fR]]]]]] .RS 4 Added in Shorewall 4\&.4\&.13\&. The terms are defined in tc\-tbf(8)\&. .sp Shorewall provides defaults as follows: .RS 4 \fIburst\fR \- 10kb .RE .RS 4 \fIlatency\fR \- 200ms .RE The remaining options are defaulted by tc(8)\&. .RE .SH "FILES" .PP /etc/shorewall/tcinterfaces .PP /etc/shorewall6/tcinterfaces .SH "SEE ALSO" .PP \m[blue]\fBhttp://ace\-host\&.stuart\&.id\&.au/russell/files/tc/doc/sch_tbf\&.txt\fR\m[] .PP \m[blue]\fBhttp://ace\-host\&.stuart\&.id\&.au/russell/files/tc/doc/estimators\&.txt\fR\m[] .PP shorewall(8) .SH "NOTES" .IP " 1." 4 shorewall.conf .RS 4 \%https://shorewall.org/manpages/shorewall.conf.html .RE .IP " 2." 4 Shorewall FAQ 97a .RS 4 \%https://shorewall.org/FAQ.htm#faq97a .RE