Michael Drons wrote: > Thanks Victor, > > And when I have this: > > RULE=";Portfw service bit from internet.inet to windows.inside.lan options > log,loglimit=\"30\",logprefix=\"BIT\"" > RULE=";Snat service bit from windows.inside.lan to internet.inet options > log,loglimit=\"30\",logprefix=\"BIT3\"" > RULE=";Accept service bit from windows.inside.lan to internet.inet options > log,loglimit=\"100\",logprefix=\"BIT2\"" > > I would apply inbound shaping to the PORTFW rule and outbound shaping to the > ACCEPT rule?
Ya, correct. > inbound and outbound is from the view of the firewall, yes? > > Internet to the firewall, is inbound, correct? Ya, but the rules above are all forwarding rules so there Vuurmuur doesn't use a concept of inbound or outbound. Vuurmuur doesn't consider one of the zones or networks to be "inside" and others "outside". On exception is the special object "firewall" which results in rules in the INPUT and OUTPUT tables in iptables. Cheers, Victor > Thanks, Mike > > > > ----- Original Message ---- >> From: Victor Julien <[email protected]> >> To: Michael Drons <[email protected]> >> Cc: [email protected] >> Sent: Sun, June 13, 2010 7:48:27 AM >> Subject: Re: [Vuurmuur-users] traffic shaping help >> >> Only to the "accept" rule. > > Cheers, > Victor > > Michael Drons >> wrote: >> I am trying to shape traffic and not having much success. >> >> >> >> In my rules I always have 2 rules: a SNAT rule and an >> ACCEPT rule. >> >> RULE="Snat service http from inside.lan to >> internet.inet options log,logprefix=\"HTTP4\"" >> RULE="Accept service http >> from inside.lan to internet.inet options log,logprefix=\"HTTP5\"" >> >> >> If I want to limit the traffic for web traffic, which rule do I apply >> the shaping to? >> >> Here is my IPSEC rules: (again 2 >> rules) >> RULE="Snat service IPSEC from inside.lan to internet.inet options >> log,loglimit=\"30\"" >> RULE="Accept service IPSEC from inside.lan to >> internet.inet options log,loglimit=\"30\"" >> >> Thanks, Mike >> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> >> ThinkGeek and WIRED's GeekDad team up for the Ultimate >> GeekDad Father's >> Day Giveaway. ONE MASSIVE PRIZE to the >> lucky parental unit. See >> the prize list and enter to win: >> >> http://p.sf.net/sfu/thinkgeek-promo >> >> _______________________________________________ >> Vuurmuur-users mailing >> list >> >> href="mailto:[email protected]";>[email protected] >> >> >> target=_blank >>> https://lists.sourceforge.net/lists/listinfo/vuurmuur-users > > > > > ------------------------------------------------------------------------------ > ThinkGeek and WIRED's GeekDad team up for the Ultimate > GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the > lucky parental unit. See the prize list and enter to win: > http://p.sf.net/sfu/thinkgeek-promo > _______________________________________________ > Vuurmuur-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/vuurmuur-users ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Vuurmuur-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/vuurmuur-users
