OpenMCU-ru – DSCP Based QoS Packet Tagging Rules for Linux IP Tables

In Ubuntu, the best way to ensure that the firewall is up and running and that your packet filtering or mangling rules are in place any time the network connection comes up, you should create a rule in the /etc/network/if-up.d folder. An alternative approach to that would be to put a “post-up” rule on whatever interface in you /etc/network/interfaces file. From my experience, so that your firewall rules can be easily maintained as well having the ability to make comments for each rule, it’s ideal to take advantage of the iptables-save and iptables-restore functionality.

In order to follow this procedure, the first time you set up the firewall, you will have to manually add all the firewall rules and then issue the iptables-save command. For sake of saving time, I will just provide you with the contents of my config file that can be restored with the iptables-restore < config_file command. Continue reading “OpenMCU-ru – DSCP Based QoS Packet Tagging Rules for Linux IP Tables”