oops, sent to wrong list....
-----Original Message----- From: Lee Dilkie [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 04, 2004 8:00 AM To: 'Bjorn Eikeland'; 'Jaco van Tonder'; '[EMAIL PROTECTED]' Subject: RE: [5.2.1-RC, IPFW] Traffic Shaping > > There isnt much you can really do as to shape incomming > traffic, however > you can limit how fast you accept the incomming data. (At > least this is > what im used to from my little experience with linux.) > > I tried* the following rule, and in theroy it sounds up to the job: > ipfw add pipe 1 tcp from not me to me smtp > > *)when I say tried I really mean ipfw didnt complain, but no traffic > actually saw it. > > Obviously you can replace 'me' with your actual ip and 'smtp' > with 25, but > I find its easier to read english. > > Feel free to try that though :) I'm running IPFW on 4.9 and inbound traffic shaping does work, I've verified that. my rule section... ipfw -f pipe flush # do pipes first or later rules will tigger and pipes won't be used # newfiechick in/out ipfw pipe 1 config bw 100Kbit/s ipfw pipe 2 config bw 60Kbit/s # sendmail limits in/out ipfw pipe 3 config bw 80Kbit/s ipfw pipe 4 config bw 80Kbit/s # testing #ipfw pipe 5 config bw 80Kbit/s #ipfw pipe 6 config bw 80Kbit/s # bandwidth throttling #ipfw add pipe 1 ip from any to newfiechick in #ipfw add pipe 2 ip from newfiechick to any out ipfw add pipe 3 tcp from any to spock smtp in ipfw add pipe 3 tcp from any to spock pop3 in ipfw add pipe 4 tcp from spock to any smtp out ipfw add pipe 4 tcp from spock pop3 to any out #ipfw add pipe 5 udp from any to 206.51.1.220 in #ipfw add pipe 6 udp from 206.51.1.220 to any out These come before any deny/allow rules. The commented out testing rule was to an internet phone and i was able to turn down the b/w and affect the voice quality in either direction so I'm confident that this works. -lee > > > Hi all, > > > > I am using FreeBSD 5.2.1-RC + IPFW2 + DUMMYNET to do > traffic shaping. > > This works well for my setup. > > I have the following configuration: > > The machine has 2 NIC's, xl0, dc0. The kernel is configured to do > > bridging. The bridged > > packets is passed to IPFW (net.link.ether.bridge.ipfw=1). > > > > I shape traffic this way: > > The bridge is setup between a router and an internal mail server. > > I am limiting bandwith using the following rules: > > pipe 1 config bw 16KBytes/s > > pipe 2 config bw 12KBytes/s > > > > and then: > > > > add pipe 1 tcp from any to any 25 (limit incoming traffic > towards smtp) > > add pipe 2 tcp from any 110 to any (limit outgoing traffic > from pop3) > > > > Yesterday, while browsing through Absolute BSD by Michael > Lucas I read > > an interesting part: > > You cannot shape incoming traffic the way that I do at the moment. > > > > Now, my question: > > How can I limit the incoming traffic towards my smtp server > properly? > > > > Any advice would be apreciated. > > > > Thank you, > > Regards > > Jaco van Tonder > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"