beginners questions
Vadim Goncharov
vadimnuclight at tpu.ru
Mon Sep 3 11:11:11 PDT 2007
31.08.07 @ 07:43 Russell Fulton wrote:
> Before you ask, yes I've RTFM ;) which was very imformative and there
> are still some things that I have missed.
>
> 1/ Is there a way of reloading rules while maintaining the state table
> or is this the default? (put another way does flush affect dynamic
> rules).
Yes, it flushes dynamic rules because they depend on their parents, which
are flushed too.
> 2/ we are using state and also shaping traffic via pipes. What
> interaction, if any is there between pipes and state? i.e. if a packet
> gets sent to a pipe will other traffic that is matched by the dynamic
> rule also get sent to the pipe?
Yes, it should.
> 3/ are pipes bidirectional? I.e. do I need to say
>
> add 02421 pipe 6 all from 130.216.95.0/24 to any
> add 02422 pipe 7 all from any to 130.216.95.0/24
Umm... that depends on what you really want. Pipe is unidirectional in
sense that you always send packets into one end, and they'll get out from
the other end. So speed is depends on where that ends are connected to. So
if you are configuring pipe to, e.g., 1 Mbit, and say "pipe 1 all from A
to B" and "pipe 1 all from B to A", then both upload+download between A
and B will be 1 Mbit, SUMMARY. And if you send "A to B" traffic into 512
Kbit pipe and "B to A" traffic into 128 Kbit pipe, than you'll get exactly
this speed, in specified directions, respectively.
--
WBR, Vadim Goncharov
More information about the freebsd-ipfw
mailing list