Help With ipwf Rules
Tim Daneliuk
tundra at tundraware.com
Thu Jul 31 18:40:18 UTC 2014
I am working on a FreeBSD 10-STABLE machine that has two NICS:
re0 - Connects to the internet
em0 - NATs to a private flat Class C LAN (192.168...)
There is already an IPFW ruleset in place, primarily to control
who can get in via re0 - pretty much anything is allowed out from
the FreeBSD machine itself and from the 192 network.
I need to add a few additional ipfw rules to do the following:
1) Bandwidth shaping/management. I need to ensure that the total
amount of bandwidth being used by hosts on the LAN never exceeds,
say, 3 mb/sec down and 1 mb/sec up. Then I need a similar rule
for traffic originating ON the FreeBSD box itself.
2) I need to create rules that permit a VOIP phone to plug in on
the NATed LAN and still work properly.
I am somewhat familiar with ipfw having set up the original rule set
but I am a bit unclear on how to do these two things. The help of
some kind soul with the expertise would be most appreciated ...
--
----------------------------------------------------------------------------
Tim Daneliuk tundra at tundraware.com
PGP Key: http://www.tundraware.com/PGP/
More information about the freebsd-questions
mailing list