Interesting. Hadn't heard of IPA - this might be doable as a package after 1.0.
--Bill On 10/15/05, chris <[EMAIL PROTECTED]> wrote: > Hi > > I noticed this on the IPCops.com forum and thought it might be of interest > to PFsense. > > Post subject: Routed networks, per IP download limits and speed shaping. > Posted: Oct 15, 2005 - 06:40 AM > > User > > > Joined: Jun 11, 2004 > Posts: 108 > Location: Adelaide, Australia > Status: Offline > Hi guys, > > I know this isnt IPCop related, not specifically, but your advice would be > greatly appreciated. > > Im looking for an open source solution or something which isnt too > expensive software or hardware which can tie in with netflow exports from > either cisco 3620 or cisco 3640 and return cmds to shape ips behind it.... > This is specifically for routed networks behind 1 device which can shape > traffic, NAT is not neccessary. > > or software which will turn a linux or bsd box into a router, which traffic > shapes ip's to a specific speed, measures the traffic to that ip.. and when > they reach a certain limit of traffic.. shapes them down to 64k or whatever > rate u have chosen > > Must have the ability to set timeframes.. like monthly download limits or > daily or weekly... so when they reach their download limit, they are > shaped.. and when they reach their timelimit.. they are throttled back to > full speed again > > Must also have the ability to set flatrate pipes to ip's, with burstable > rates... and timeframes for peak and offpeak traffic.. > i.e.: u give an ip a 1mbit pipe, with 1.5mbit burstable. During peak > traffic times they are shaped to 1mbit, during offpeak they are put into a > queue where they can burst upto 1.5mbit with 1mbit still garunteed > > About 2 or 3 years ago, myself ( more of a networker ) and a freind ( the > guy who did all the programming for me ) ,... developed an application which > runs on openBSD and uses PF , IPA, cron and a series of perl and bash > scripts to do relatively ALL of the above,.. > The program called ipa http://ipa-system.sourceforge.net/ > has the ability to read the pf logfile and calculate bandwidth by tracking > pf rule numbers. When the ipa daemon which reads the pf logfile and its own > conf file reaches limits set in the conf file regarding specific rules to > ip's, it can then execute system cmds to change the PF rules and add ip's to > queues and various things.. which enables u to do basically all of the > above... > > We pump ALL the traffic to the networks we want to shape through the > OpenBSD box, set the boxes routing table, and then use the package to do the > rest of the work. > > We then have a little .cgi we access to add and remove ip's from queues, > give them download limits, timelimits, flat and burstable pipes, and the > ability to input an ip, and view its current limits, and data downloaded for > the current period. > > The problem I face.. is im not a programmer.. but i think this could be a > very useful tool to further develop and put on something like ipcop or a > similar mini-distro more focussed on routed networks and NAT not being > incuded .. or more something u turn on for flagged networks.. There is also > a newer version of ipa in development (ipa2), which is modular and can plug > into databases to store all the collected data and assumedly has improved > options. > > So yeah.. i would be interested in seeing if there is something else out > there that allready does this easily for an inexpensive price, hardware or > software.. or if other ppl think its worth throwing to the open source > community to see if other ppl might want to pick my half done project up and > make it an official project or mini distro... or any advice will do > > Im quite prepared to let anyone have a look at the code and package we made > for this, if they are at all interested in developing it further.. as it is > definitely not in a state which other users could pickup as a package and > install themselves and have some kind of support for it, albiet forums or > email usergroups.. > > Im sorta in a situation where i either need to futher develop what i have > started.. but have quite difficulty further developing it... > or find another solution for probably under $5,000 per site. > > neways.. any replies will be greatly appreciated. > > Cheerz > -shag > > _________________ > 1.4.9, P3 500mhz, 8gig scsi, > 438sdram, Internode ADSL2+ > > 1.4.9-dev, P3 600mhz, 8gig scsi, > 256sdram, Telstra Cable > > http://www.ipcops.com/index.php?name=PNphpBB2&file=viewtopic&t=5922 > > >
