Limiting bandwidth

Rudi Kramer - MWEB rkramer at
Wed Aug 20 08:47:06 UTC 2008

> Erik Danielsson
> Hello,
> Basically I want to limit the bandwidth for a every IP address not
within a
> given IP range. To complicate things a bit more, I only want to limit
> bandwidth once a certain amount of data, let's say 10 GiB, has been
> sent/received from an IP address outsite the IP range.
> I want the traffic counter to be reset at a specific time of my
choice, for
> example at midnight, which means that after midnight, the traffic
won't be
> limited (until 10 GiB has been transferred once again).
> I hope I made myself clear.
> Any ideas on how to do this?

Hi Eric,

The best way I know how is by using PF and ALTQ.

You will need to recompile your kernel to support ALTQ

Once that's done you will need to spend some time reading Peter
Hansteen's  PF manual,  (If you are
impatient you can skip straight to but I would recommend
reading the entire manual.)

Once you've managed to wrap your head around pf and you've written and
implemented your rule set I would also recommend installing pftop to
check that your queues are working. (pftop -v queue)

If you need further help, mail freebsd-pf at with your rule set
and what's happening or not happening.


More information about the freebsd-questions mailing list