Iīm having a bit of trouble on understanding the basics of --dport/--sport usability...
Letīs take a very practical use for it. For example, I would like to prioritize incoming packets (downloads) over outgoing packets (uploads) using the mangle table (using Bittorrent). I know this is not very polite but sometimes I would like to uncomment the lines. I donīt even know if this is usable in Bitorrent. But anyway I would like to know the basic use for dport and sport for me interact with them in diffrent environments.
Here are the lines I came up with. The thing is that the use of dport & sport on the book Iīm reading are used diffrently... Iīll explai how I came to this and you guys tell me if itīs right or wrong.
#Bittorrent - Download
#/sbin/iptables -t mangle -A PREROUTING -p tcp -i $wanic --dport "myport" -j TOS --set-tos 16
On the line above, I want to prioritize incoming packets, so Iīm using mangle, specifying that every tcp packet, entering through my wanic destined to the port I specified for bittorrent should have the TOS set to 16, which is the highest possible. :-)
#Bittorrent - Upload
#/sbin/iptables -t mangle -A OUTPUT -p tcp -o $wanic --sport "myport" -j TOS --set-tos 0
On this one, I want to let outgoing packets at normal priority level, so Iīm using mangle specifying that every tcp packet, leaving through my wanic, exiting through the port specified for bittorrent should have the TOS set to 0 (which is normal).
Is this correct?
The main thing is: when should I use sport and when should I use dport?