sftp server with speed throttling

Nikos Vassiliadis nvass9573 at gmx.com
Mon Mar 22 09:30:54 UTC 2010


Dan Naumov wrote:
> What are my options if I want to run an sftp server with speed
> throttling? My understanding is that openssh (which includes sftp) in
> base does not support this directly, so I would have to either use a
> custom kernel with ALTQ (and I would really rather stick to GENERIC so
> I can use freebsd-update) which sounds like a bit too much
> configuration work or pass sftp traffic through PF and throttle it
> (ugly, would also affect ssh traffic).

You could examine the possibility of using ipfw and dummynet:
1) ipfw and dummynet are availabe in the GENERIC kernel.
2) Most of the time you can classify bulk/interactive traffic
	by examining the packet's length. IP packets carrying
	sftp traffic tend to be limited by MTU size or PMTU
	discovery. IP packets carrying ssh traffic tend to be
	much smaller.

Nikos


More information about the freebsd-questions mailing list