Dummynet combined upload en download bandwidth limit per client

[John Nielsen]

> On Jun 20, 2016, at 6:50 AM, Rick van der Zwet <info at rickvanderzwet.nl> wrote:
> 
> I would like to be able to limit bandwidth (upload + download) per
> client using dummynet. Yet I fail to create dynamic pipes which matches
> both upload and download at the same time. re2 is the interface on which
> the the clients are connected in network 192.168.0.0/24.
> 
> I am able to limit download (300Mbit/s) with dynamic pipes using:
>    ${fwcmd} pipe 1 config bw 300Kbit/s mask dst-ip 0xffffffff
>    ${fwcmd} add 60000 pipe 1 ip from not me to 192.168.0.0/24 via re2 out
> 
> I am able to limit upload (300Mbit/s) with dynamic pipes using:
>    ${fwcmd} pipe 1 config bw 300Kbit/s mask src-ip 0xffffffff
>    ${fwcmd} add 60000 pipe 1 ip from 192.168.0.0/24 to not me via re2 in
> 
> I am able to limit upload+download (total 300Mbit/s) for single
> (192.168.0.10) IP using:
>    ${fwcmd} pipe 1 config bw 300Kbit/s
>    ${fwcmd} add 60000 pipe 1 ip from not me to 192.168.0.10/32 via re2 out
>    ${fwcmd} add 60000 pipe 1 ip from 192.168.0.10/32 to not me via re2 in
> 
> Yet duplicating the last one for all client IPs addresses  'feels' wrong
> and is a bit verbose. Am I able to limit upload+download bandwidth for
> multiple IPs without pre-creation of 1 pipe per client and the required
> rules?

You can create a per-IP pipe using the "mask" keyword when defining the pipe, e.g.:

ipfw pipe 1 config bw 300Kbit/s mask src-ip 0xffffffff

However, that would create different pipes based on source IP only (regardless of direction). I'm not sure there's a way to handle both directions in a single pipe other than creating a static pipe per IP as you've outlined above.

JN