gateway/firewall script
Aleksandar Simonovski
aleksandar at unet.com.mk
Thu Oct 23 01:37:41 PDT 2003
On Wed, 22 Oct 2003 20:29:10 -0700
Jonathan Feally <vulture at netvulture.com> wrote:
> Your problem lies in that you are counting the traffic twice in the
> queue/pipe - once from the internal addr to the dst, and once from the
> external addr to the dst. Change your rules to specify which IP Block
> should get the bw limiting.
> I don't know if the keep-state thing is throwing it out of whack or not.
ok, i don't get this quite right, you meen i should change the masks
to something like this:
queue 1 config weight 5 pipe 1 mask src-ip 0xffffff00
queue 2 config weight 5 pipe 2 mask dst-ip 0xffffff00
queue 3 config weight 5 pipe 3 mask src-ip 0xffffff00
queue 4 config weight 5 pipe 4 mask dst-ip 0xffffff00
More information about the freebsd-net
mailing list