Hi Jared,
jared r r spiegel wrote:
On Sun, Oct 23, 2005 at 07:08:44AM -0700, Joe Advisor wrote:
so all of the clients
are basically matching to the external public IP... so
basically I can't individually control the upload
bandwidth.
for this, i use tags. tags aren't bound to an iface, so if you
tag from the clients uniquely, and do not overwrite
that tag on any further tag rules, you can
pass out on $e all tagged client1 keep state queue client1
pass out on $e all tagged client2 keep state queue client2
pass out on $e all tagged client3 keep state queue client3
the initial tagging could be done like:
pass in on $i from $client1 to any tag client1 keep state
pass in on $i from $client2 to any tag client2 keep state
pass in on $i from $client3 to any tag client3 keep state
Well, you can simply immediatly send them to the queue, if even queues
on different interfaces:
pass in on $i from $client1 to any keep state queue client1
pass in on $i from $client2 to any keep state queue client2
pass in on $i from $client3 to any keep state queue client3
Simpler :>
But of course, each person has its own way of doing things and this all
depends on your overall aims of the entire firewall.
best
b
--
Bruno Afonso, Biological Engineer
Dana-Farber Cancer Institute
1 Jimmy Fund Way
Smith Building
Boston, MA 02115
phone: (617)-632-5105
GABBA Graduate Student (http://gabba.up.pt)
Homepage @ http://brunoafonso.net/
