1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
# ident "%Z%%M% %I% %E% SMI"
#
# Copyright 2005 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License"). You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Mandatory file version identifier
fmt_version 1.0
# This configuration marks video traffic for EF PHB, i.e. Expedited Forwarding.
# Mail traffic is marked for AF11, anonymous user FTP traffic for AF12 and news
# traffic for AF13 PHBs, i.e. Assured Forwarding class 1 with drop precedences
# low medium and high respectively.
# For information on AF and EF PHBs refer to the IPQoS Administration Guide or
# the RFCs 2597 and 2598 respectively.
#
# Before this configuration file can be applied the sport parameter of the
# filter videoout needs to be given a valid port number/service name of a
# service whose traffic you wish to apply EF to and the uid parameter of the
# filter ftpout needs to be given the uid of the user ftp. The ftp user account
# is the one used by the ftp server for anonymous logins, thus filtering on
# this enables us to capture anonymous ftp user traffic.
action {
module ipgpc
# Name must be ipgpc.classify for ipgpc action.
name ipgpc.classify
class {
name video
next_action markEF
}
class {
name mail
next_action markAF11
}
class {
name ftp
next_action markAF12
}
class {
name news
next_action markAF13
}
filter {
name videoout
# Source port of video traffic, given by __videoport__.
sport __videoport__
# Locally generated outbound traffic.
direction LOCAL_OUT
class video
}
filter {
name mailout
sport smtp
direction LOCAL_OUT
class mail
}
# This filter catches anonymous ftp user outgoing traffic.
filter {
name ftpout
direction LOCAL_OUT
# Traffic generated by ftp user, given by __ftp-uid__.
uid __ftp-uid__
class ftp
}
filter {
name newsout
sport nntp
direction LOCAL_OUT
class news
}
}
# Mark the DSCP with code point EF, 101110 = 46.
action {
module dscpmk
name markEF
params {
# Set all 64 entries of dscp_map to 46 decimal.
dscp_map {0-63:46}
next_action continue
}
}
# Mark the DSCP with code point AF11, 001010 = 10.
action {
module dscpmk
name markAF11
params {
dscp_map {0-63:10}
next_action continue
}
}
# Mark the DSCP with code point AF12, 001100 = 12.
action {
module dscpmk
name markAF12
params {
dscp_map {0-63:12}
next_action continue
}
}
# Mark the DSCP with code point AF13, 001110 = 14.
action {
module dscpmk
name markAF13
params {
dscp_map {0-63:14}
next_action continue
}
}
|
