Hi, I would like to make use of ipfw/dummynet traffic shaper and use it together with ipnat/ipf's filtering. Hope this is possible ? This is a personal preference so no need to tell me why I should just use ipfw etc.
Can someone suggest what I would or would not need to use in my rc.conf and kernel please. I have selected the following ( FreeBSD 5.2R ): rc.conf: ipfilter_enable="YES" ipfilter_program="/sbin/ipf" ipfilter_rules="/etc/ipf.rules" ipfilter_flags="" ipnat_enable="YES" ipnat_program="/sbin/ipnat" ipnat_rules="/etc/ipnat.rules" ipmon_enable="YES" ipmon_program="/sbin/ipmon" ipmon_flags="-Dsvn" ipnat_enable="YES" kernel config: options IPFILTER #ipfilter support options IPFILTER_LOG #ipfilter logging options PFIL_HOOKS #required by IPFILTER options IPFILTER_DEFAULT_BLOCK #block all packets by default options IPFIREWALL #firewall options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default options DUMMYNET #bandwidth limiter options IPSTEALTH #support for stealth forwarding Seeing as though I'm not using ipfw filtering I thought I could just allow everything through by default. Will dummynet still work if IPFIREWALL_DEFAULT_TO_ACCEPT is set ? Any suggestions appreciated. Thanks. -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc "Unix IS user friendly.. It's just selective about who its friends are."
signature.asc
Description: This is a digitally signed message part