Setting ToS using iptables

It is possible to set ToS using iptables. The pity is that only 5 values are valid: iptables -m tos -h
  • Minimize-Delay 16 (0×10)
  • Maximize-Throughput 8 (0×08)
  • Maximize-Reliability 4 (0×04)
  • Minimize-Cost 2 (0×02)
  • Normal-Service 0 (0×00)
As you noticed, only one of 4 bits (11, 12, 13, 14) from ToS octet can be set Sample firewall rules:
iptables -t mangle -N mark-tos
iptables -t mangle -A OUTPUT -j mark-tos
iptables -t mangle -A mark-tos -p icmp -j TOS --set-tos 16
In example only icmp packets are marked. Setting ToS using iptables isn’t so useful as setting DSCP.

Comments

Post a Comment