Bandwidth limitations, NAT and transparent proxy

Uncle GIGI gigi at gigi.sk
Fri Aug 22 03:13:22 PDT 2003


Hi!

I have FreeBSD 4.8 installed.
There is IPFIREWALL, IPFIREWALL_FORWARD, IPDIVERT and DUMMYNET in my 
kernel configuration.
On my FBSD gateway to the Internet I would like to use NAT (of course 
:-))) ), transparent proxy and limit the outgoing traffic.
xl0 (62.169.170.166/30) is the public interface, xl1 (192.168.1.1/24) is 
the private one.

If my firewall rules look like:
ipfw pipe 1 config bw 256Kbit/s queue 40Kbytes
ipfw add 47 pipe 1 ip from any to any out via xl0
ipfw add 48 allow ip from 192.168.1.1 to any
ipfw add 49 fwd 192.168.1.1,3128 tcp from 192.168.1.0/24 to any 80
ipfw add 50 divert 8668 ip from any to any via xl0
... (the rest of OPEN firewall rules)
nothing except http (because of transparent proxy, I think) goes through 
the gateway from the local net.

If my firewall rules look like:
ipfw pipe 1 config bw 256Kbit/s queue 40Kbytes
ipfw add 47 pipe 1 ip from 62.169.170.166 to any out via xl0
ipfw add 48 allow ip from 192.168.1.1 to any
ipfw add 49 fwd 192.168.1.1,3128 tcp from 192.168.1.0/24 to any 80
ipfw add 50 divert 8668 ip from any to any via xl0
... (the rest of OPEN firewall rules)
everything works fine except the bandwidth limitation.

Do you have any ideas how to get these three things (bandwidth 
limitation, NAT, transparent proxy) to work together?

Thanks a lot in advance.

GIGI


