Hi i have a freebsd 7.1 with ipfw and dummynet and natd and all the things is good. but the i can not limite the upload to the internet with dummynet. the download limit works fine .
when change the pipe2 (to me in ) to ( to any in) the internet connection of my client will be down vr0 : internal net : 192.168.10.0/24 nfe0: out net : 212.80.13.1 ,2 ,3 the upload is very high . HELP ME here is my ipfw config : pfw -q -f flush #Dedicate internet user and non internet user ############################################################################ # #charter 55 for ali shirali movaghat share with andishgar iuser="192.168.10.0/24{1,3,25, <http://192.168.10.0/24%7B1,3,25,27,31,42,48,50,53,54,55,63,69,81,84,88,92,9 8,100,105,118,128,131,134,135,137,140,155,165,171%7D> 27,31,42,48,50,53,54,55,63,69,81,84,88,92,98,100,105,118,128,131,134,135,137 ,140,155,165,171}" noiuser="192.168.10.0/24{44, <http://192.168.10.0/24%7B44,46%7D> 46}" ############################################################################ ## ##########################dummynet########################################## # #recive ipfw -q add pipe 1 ip from any to ${iuser} out via vr0 ipfw pipe 1 config bw 9KByte/s # queue 11 delay 100ms #send ipfw -q add pipe 2 ip from ${iuser} to me in via vr0 ipfw pipe 2 config bw 7KByte/s # queue 11 delay 100ms ############################################################################ # ##################################NAT####################################### ## ipfw -q add divert natd all from any to any via nfe0 ipfw -q add check-state ############################################################################ #block any to loopback ipfw -q add allow ip from any to any via lo0 ipfw -q add deny ip from any to 127.0.0.0/8 #########################END internet users################################## #web & ssl & yahoo messenger ###################WEB Accsess############################## ipfw -q add allow tcp from ${iuser} to any 80,443,5050 keep-state #allow all http to internal ipfw -q add allow tcp from any to any 80 in via nfe0 keep-state #charter 10 access on ghd24.net #ipfw -q add allow tcp from 192.168.10.64 to 66.49.211.210,94.182.197.230 80 keep-state ######################END Web Access######################### #aseman ipfw -q add allow tcp from any to any 7769 keep-state #amadeus ipfw -q add allow tcp from any to any 9876,10000 keep-state #air tour ipfw -q add allow tcp from any to any 1770 keep-state #ftp ipfw -q add allow ip from any to any 21 keep-state #ipfw -q add allow ip from any to any 1024-65535 keep-state ipfw -q add allow tcp from 192.168.10.69,192.168.10.1,192.168.10.9 to any 1024-65535 keep-state ipfw -q add allow tcp from any 1024-65535 to 192.168.10.1 keep-state #ipfw -q add check-state #DNS ipfw -q add allow ip from any to any 53 keep-state ipfw -q add allow ip from any 53 to any keep-state #remote ipfw -q add allow ip from any to any 35252,12114,3389 keep-state #mysql remote #ipfw -q add allow ip from any to any 3306,1433 keep-state #share #ipfw -q add allow tcp from any to me 139 #ipfw -q add allow tcp from any 139 to any #ping ipfw -q add allow icmp from any to any #cpanel #ipfw -q add allow ip from any to any 2082,2083,2095 keep-state #ssh ipfw -q add allow tcp from any to me 5432 keep-state ipfw -q add allow tcp from any 5432 to any keep-state #Out look pop3 ######################POP3 Access##################### ipfw -q add allow tcp from ${iuser},${noiuser} to any 25 keep-state ipfw -q add allow tcp from ${iuser},${noiuser} to any 110 keep-state ######################END POP3 Access################# #gmail #ipfw -q add allow tcp from any to any 995,465 keep-state #Ghost Surf ipfw -q add allow tcp from any to any 8888 keep-state #VPN TO EXTRENAL ipfw -q add allow gre from any to any keep-state ipfw -q add allow tcp from any to any 1723 keep-state #allow all to external ipfw -q add allow ip from any to any out via nfe0 #deny all in from external ipfw -q add deny all from any to any in via nfe0 _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"