Hi all,
I'm using pf as my firewall and authpf as my authenticating gateway.I think
it works well. But I have two problem about it:
1. I want to limit per ip(user) bandwidth using ALTQ. I google it and
haven't found any command or conf in pf.conf which can do it. My solution
is create queue per ip(user), for example:
altq on bnx1 cbq bandwideth 10Mb queue { user1, user2, user3 .... userN }
queue user1 bandwidth 1% cbq(default)
queue user2 bandwidth 1% cbq
...
queue userN bandwidth 1% cbq
in the autfpf.rules
pass in quick on bnx1 from $user_ip queue $user_id
it can meet my needs, but I think it is not dynamic, I need rewrite queue
if new user added. And I don't know how many queue can be supported in ALTQ.
2. Can I restruct one user_id only ssh login once ?
--
Blog Site: livemoon.org
Twitter: mwjpiero
·Çµ±¡ÎÞÒÔÃ÷Ö¾£¬·ÇÄþ¾²ÎÞÒÔÖÂÔ¶
