NAT examples and TOS syntax ?

James Morris jmorris@intercode.com.au
Thu, 6 Jul 2000 22:41:55 +1000 (EST)


On Thu, 6 Jul 2000, Michael A. Dietz wrote:

> I'm going to be "migrating" from a dialup connection with 6 valid internet
> addresses to a DSL connection with one static valid internet IP.  I will
> still need the other machines to be able to get out, and the one static
> valid internet IP must be able to receive new incoming http,ftp,smtp,pop3
> requests as well as established connections.
> 
> From my limited reading it appears that I should be using static nat
> instead of masquerading in this situation. However, I am unable to find
> any examples of the commands I need to pass iptables.  I've set up NAT on a
> cisco router at work so I know the concept, assuming it works the same.
> However, a real life example would really clarify the syntax for me.

Masquerading should work fine for this.

> 
> Also, I'm trying to set up TOS to minimize delay for certain connections,
> however, I keep getting errors...
> 
> #iptables -A OUTPUT -p tcp -d 0/0 --dport ssh -m tos Minimize-Delay
> 
> doesn't seem to work. 
> 

One of the big changes with iptables is that matching and modifying
packets are independent operations.

To modify TOS, use the mangle table, and in your case, it would probably
be something like:

# iptables -t mangle -A OUTPUT -p tcp --dport ssh -j TOS --set-tos Minimize-Delay

Note that you need to specify '-p' to use '--dport'.


- James
--
James Morris
<jmorris@intercode.com.au>
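
The split between matching and modifying described above, together with masquerading for the single public address, written as an iptables-restore ruleset. This is an added example, not part of the original message; the interface name ppp0 and the function name build_rules are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: ppp0 is the external (DSL) interface; override with EXT_IF.
EXT_IF="${EXT_IF:-ppp0}"

# build_rules (hypothetical helper): print an iptables-restore ruleset.
build_rules() {
    cat <<EOF
*mangle
# Modify: the TOS target rewrites the field and belongs in the mangle table.
-A OUTPUT -p tcp --dport ssh -j TOS --set-tos Minimize-Delay
COMMIT
*nat
# Internal hosts leave through $EXT_IF using its one public address.
-A POSTROUTING -o $EXT_IF -j MASQUERADE
COMMIT
*filter
# Match: the tos match only tests the field. With no -j this rule just
# counts the packets that the mangle rule above has already marked.
-A OUTPUT -p tcp --dport ssh -m tos --tos Minimize-Delay
COMMIT
EOF
}

# Nothing touches the kernel unless asked to:
#   --check  parse the ruleset without committing it (needs root)
#   --apply  load it, keeping existing rules (--noflush)
case "${1:-}" in
    --check) build_rules | iptables-restore --test ;;
    --apply) build_rules | iptables-restore --noflush ;;
    --print) build_rules ;;
esac
```

After loading, the packet counters on the filter rule (iptables -L OUTPUT -v -n) show whether outgoing ssh traffic is actually carrying the Minimize-Delay marking.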