From owner-freebsd-questions@FreeBSD.ORG Sat May 24 13:56:36 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9D96937B401 for ; Sat, 24 May 2003 13:56:36 -0700 (PDT) Received: from symonds.net (ca1.symonds.net [66.92.42.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2E6CD43F93 for ; Sat, 24 May 2003 13:56:36 -0700 (PDT) (envelope-from ashish@symonds.net) Received: from localhost (symonds.net) [127.0.0.1] by symonds.net with smtp (Exim 3.35 #1 (Debian)) id 19Jg4A-0007GT-00; Sat, 24 May 2003 13:56:34 -0700 Received: from 203.192.199.30 (SquirrelMail authenticated user ashish) by secure.symonds.net with HTTP; Sun, 25 May 2003 02:26:34 +0530 (IST) Message-ID: <44644.203.192.199.30.1053809794.squirrel@secure.symonds.net> Date: Sun, 25 May 2003 02:26:34 +0530 (IST) From: "Ashish Kulkarni" To: Importance: High MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Subject: changing the ToS in IP Header X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: ashish@symonds.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 May 2003 20:56:36 -0000 Hello, Is there any way in which I can manipulate the Type of Service (TOS) byte in the IPv4 header? I need to set the TOS bits on all outgoing packets from my box to the ISP to a particular pattern (0x02), otherwise the ISP does not forward packets. I have been able to do this in Linux using the iptables mangle table: http://www.tldp.org/LDP/nag2/x-087-2-firewall.tos.manipulation.html but am unable to find a similiar packet-mangling feature in the firewalls running on FreeBSD...there are rules for matching on TOS pattern, but not on TOS manipulation. Does anyone know of any tool which can do this? As an alternative solution, is there any way to set the default TOS via a sysctl interface (similiar to that of TTL, namely net.inet.ip.ttl)? I'm planning to use this on my home box, so I have no problems in trying to patch and rebuild the kernel if I can get some feedback and/or tips on how to do so :-) Thanks, Ashish.