Bill Moran wrote:
if u need to count ip traffic for all clients u can use sipmple and more performance rule set, like this one:In response to Daniel Dias Gonçalves <[email protected]>:Very good thinking, congratulations, but my need is another.The objective is a Captive Porrtal that each authentication is dynamically created a rule to ALLOW or COUNT IP authenticated, which I'm testing is what is the maximum capacity of rules supported, therefore simultaneous user.Understand ?If you're only doing allow, then you'd be better off using a table, which has much better performance than a bunch of separate rules. If you're counting packets, I don't know if that approach will work or not.
LOCAL_NET=192.168.0.0/24
ipfw pipe 100 config bw 0 mask src-ip 0xffffffff
ipfw pipe 100 config bw 0 mask dst-ip 0xffffffff
ipfw add 100 pipe 100 ip from ${LOCAL_NET} to any out
ipfw add 200 pipe 200 ip from any to ${LOCAL_NET} in
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[email protected]"
