Hello!

I have the following problem. I'm supposed to manage a dormitory LAN, with approx. 200 windoze computers. It works fine, I'm using OpenBSD 3.3 as a Firewall and NAT, but...

-------- 100Mbit --------- dc0 [OpenBSD 3.3/FW/NAT] dc1 ------- LAN 192.168.0.0/24

As you see, we have a pretty fast internet connection. And that's the problem. Students keep using peer to peer software and you can imagine the traffic. Fortunately, our provider won't shape the line unless we manage the traffic. Actually, the traffic is not the problem, but the services. (content of the transported data :) warez/mp3/divx )

So I blocked everything by default (outbound) and allowed only some certain ports. As a result, every day I get a bunch of emails that I should enable a particular stream radio, instant messenger, online library or whatever :(

Is it anyhow possible, for current allowed ports, to use all the bandwidth and to keep everything else at let's say 2Mbit? Inbound and outbound. I've tried something using altq/pf but without achieving all the objectives. :(

Thank you.

Peter Huncar
SP SCCh FChPT STU
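
One way to express the policy asked about above in pf.conf with ALTQ/CBQ, added here as an example and not part of the original post. The interface names and LAN prefix come from the post; the port lists and the queue names `allowed` and `rest` are constructed placeholders, and the existing nat rule is assumed to stay where marked.

```conf
# Added example, not the poster's configuration.
ext_if = "dc0"                      # uplink (from the post)
int_if = "dc1"                      # dormitory LAN side (from the post)
lan    = "192.168.0.0/24"           # from the post
ok_tcp = "{ 22, 25, 80, 110, 143, 443 }"   # constructed sample of "allowed" ports
ok_udp = "{ 53 }"                           # constructed sample

# ALTQ only queues packets leaving an interface, so uploads are shaped
# on dc0 and downloads on dc1. The queue definitions below apply to both
# interfaces because both altq lines list the same child queue names.
altq on $ext_if cbq bandwidth 100Mb queue { allowed, rest }
altq on $int_if cbq bandwidth 100Mb queue { allowed, rest }

# "allowed" may borrow idle bandwidth and so can fill the whole line.
# "rest" has no borrow, which makes 2Mb a hard ceiling per direction.
# It is also the default queue, so unclassified packets land in it.
queue allowed bandwidth 98Mb cbq(borrow)
queue rest    bandwidth 2Mb  cbq(default)

# (existing nat rule for $lan on $ext_if goes here, before the filter rules)

block all

# pf uses the last matching rule: start with the capped catch-all,
# then override it for the ports that get the full line.
pass in  on $int_if from $lan to any keep state queue rest
pass out on $ext_if from any  to any keep state queue rest

pass in  on $int_if proto tcp from $lan to any port $ok_tcp \
        flags S/SA keep state queue allowed
pass out on $ext_if proto tcp from any  to any port $ok_tcp \
        flags S/SA keep state queue allowed
pass in  on $int_if proto udp from $lan to any port $ok_udp \
        keep state queue allowed
pass out on $ext_if proto udp from any  to any port $ok_udp \
        keep state queue allowed
```

The queue name is stored with each state entry, so reply packets of a connection are placed in the queue of the same name when they leave the opposite interface. `pfctl -nf /etc/pf.conf` parses the file without loading it, and `pfctl -vs queue` shows per-queue counters once it is loaded.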
