ipfw ruleset
Karan Gupta
kgupta at edgefocus.com
Thu Mar 25 15:13:43 PST 2004
The following is the ruleset im using:
what i want to achieve is
1.IP traffic on the network to get shaped to 1024kbits/s
2.Kazaa/e-donkey, gnutella traffic to be shaped at 128kbits/s
3.ICMP traffic shaped to 8kbits/s
will this work??
ipfw -f flush
ipfw add pipe 5 tcp from x.x.x.1/23 to any 6881-6889,1214,4661,4662
ipfw add pipe 6 udp from x.x.x.1/23 to any 6881-6889,1214,4661,4662
ipfw add pipe 7 tcp from any 6881-6889,1214,4661,4662 to x.x.x.1/23
ipfw add pipe 8 udp from any 6881-6889,1214,4661,4662 to x.x.x.1/23
ipfw add pipe 1 ip from any to any in recv rl1
ipfw add pipe 2 ip from any to any out xmit rl1
ipfw add pipe 3 icmp from any to any in recv rl1
ipfw add pipe 4 icmp from any to any out xmit rl1
ipfw pipe 1 config mask src-ip 0xffffffff bw 1024kbits/s queue 50Kbytes
ipfw pipe 2 config mask dst-ip 0xffffffff bw 1024kbits/s queue 50kbytes
ipfw pipe 3 config mask src-ip 0xffffffff bw 8kbits/s queue 50kbytes
ipfw pipe 4 config mask dst-ip 0xffffffff bw 8kbits/s queue 50kbytes
ipfw pipe 5 config mask src-ip 0xffffffff bw 128kbit/s queue 50kbytes
ipfw pipe 6 config mask src-ip 0xffffffff bw 128kbit/s queue 50kbytes
ipfw pipe 7 config mask dst-ip 0xffffffff bw 128kbit/s queue 50kbytes
ipfw pipe 8 config mask dst-ip 0xffffffff bw 128kbit/s queue 50kbytes
More information about the freebsd-isp
mailing list