File: //usr/share/shorewall/configfiles/tcdevices.annotated
#
# Shorewall -- /etc/shorewall/tcdevices
#
# For information about entries in this file, type "man shorewall-tcdevices"
#
# See http://shorewall.net/traffic_shaping.htm for additional information.
#
###############################################################################
#
# Entries in this file define the bandwidth for interfaces on which you want
# traffic shaping to be enabled.
#
# If you do not plan to use traffic shaping for a device, don't put it in here as
# it limits the throughput of that device to the limits you set here.
#
# A note on the bandwidth definitions used in this file:
#
# • don't use a space between the integer value and the unit: 30kbit is valid
# while 30 kbit is not.
#
# • you can use one of the following units:
#
# kbps
#
# Kilobytes per second.
#
# mbps
#
# Megabytes per second.
#
# kbit
#
# Kilobits per second.
#
# mbit
#
# Megabits per second.
#
# bps or number
#
# Bytes per second.
#
# • Only whole integers are allowed.
#
# The columns in the file are as follows (where the column name is followed by a
# different name in parentheses, the different name is used in the alternate
# specification syntax).
#
# INTERFACE - [number:]interface
#
# Name of interface. Each interface may be listed only once in this file. You
# may NOT specify the name of an alias (e.g., eth0:0) here; see http://
# www.shorewall.net/FAQ.htm#faq18
#
# You may NOT specify wildcards here, e.g. if you have multiple ppp
# interfaces, you need to put them all in here!
#
# If the device doesn't exist, a warning message will be issued during
# "shorewall [re]start" and "shorewall reload" and traffic shaping
# configuration will be skipped for that device.
#
# Shorewall assigns a sequential interface number to each interface (the
# first entry in the file is interface 1, the second is interface 2 and so
# on) You can explicitly specify the interface number by prefixing the
# interface name with the number and a colon (":"). Example: 1:eth0.
#
# IN-BANDWIDTH (in_bandwidth) - {-|bandwidth[:burst]|~bandwidth[:interval:
# decay_interval]}
#
# The incoming bandwidth of that interface. Please note that you are not able
# to do traffic shaping on incoming traffic, as the traffic is already
# received before you could do so. But this allows you to define the maximum
# traffic allowed for this interface in total, if the rate is exceeded, the
# packets are dropped. You want this mainly if you have a DSL or Cable
# connection to avoid queuing at your providers side.
#
# If you don't want any traffic to be dropped, set this to a value to zero in
# which case Shorewall will not create an ingress qdisc.Must be set to zero
# if the REDIRECTED INTERFACES column is non-empty.
#
# The optional burst option was added in Shorewall 4.4.18. The default burst
# is 10kb. A larger burst can help make the bandwidth more accurate; often
# for fast lines, the enforced rate is well below the specified bandwidth.
#
# What is described above creates a rate/burst policing filter. Beginning
# with Shorewall 4.4.25, a rate-estimated policing filter may be configured
# instead. Rate-estimated filters should be used with Ethernet adapters that
# have Generic Receive Offload enabled by default. See Shorewall FAQ 97a.
#
# To create a rate-estimated filter, precede the bandwidth with a tilde
# ("~"). The optional interval and decay_interval determine how often the
# rate is estimated and how many samples are retained for estimating. Please
# see http://ace-host.stuart.id.au/russell/files/tc/doc/estimators.txt for
# details. If not specified, the default interval is 250ms and the default
# decay_interval is 4sec.
#
# OUT-BANDWIDTH (out_bandwidth) - bandwidth
#
# The outgoing bandwidth of that interface. This is the maximum speed your
# connection can handle. It is also the speed you can refer as "full" if you
# define the tc classes in shorewall-tcclasses(5). Outgoing traffic above
# this rate will be dropped.
#
# OPTIONS - {-|{classify|htb|hfsc|linklayer={ethernet|atm|adsl}|tsize=tsize|mtu=
# mtu|mpu=mpu|overhead=overhead} ,...}
#
# classify ― When specified, Shorewall will not generate tc or Netfilter
# rules to classify traffic based on packet marks. You must do all
# classification using CLASSIFY rules in shorewall-mangle(5).
#
# htb - Use the Hierarchical Token Bucket queuing discipline. This is the
# default.
#
# hfsc - Shorewall normally uses the Hierarchical Token Bucket queuing
# discipline. When hfsc is specified, the Hierarchical Fair Service Curves
# discipline is used instead (see tc-hfsc (7)).
#
# linklayer - Added in Shorewall 4.5.6. Type of link (ethernet, atm, adsl).
# When specified, causes scheduler packet size manipulation as described in
# tc-stab (8). When this option is given, the following options may also be
# given after it:
#
# mtu=mtu - The device MTU; default 2048 (will be rounded up to a power
# of two)
#
# mpu=mpubytes - Minimum packet size used in calculations. Smaller
# packets will be rounded up to this size
#
# tsize=tablesize - Size table entries; default is 512
#
# overhead=overheadbytes - Number of overhead bytes per packet.
#
# REDIRECTED INTERFACES (redirect)- [interface[,interface]...]
#
# May only be specified if the interface in the INTERFACE column is an
# Intermediate Frame Block (IFB) device. Causes packets that enter each
# listed interface to be passed through the egress filters defined for this
# device, thus providing a form of incoming traffic shaping. When this column
# is non-empty, the classify option is assumed.
#
# Examples
#
# Example 1:
#
# Suppose you are using PPP over Ethernet (DSL) and ppp0 is the interface for
# this. The device has an outgoing bandwidth of 500kbit and an incoming
# bandwidth of 6000kbit
#
# #INTERFACE IN-BANDWIDTH OUT-BANDWIDTH OPTIONS REDIRECTED
# # INTERFACES
# 1:ppp0 6000kbit 500kbit
#
###############################################################################
#INTERFACE IN_BANDWITH OUT_BANDWIDTH OPTIONS REDIRECT