Date: Mon, 4 May 2009 19:49:13 +0300
From: =?UTF-8?B?T2RoaWFtYm8gIOODr+OCt+ODs+ODiOODsw==?= <odhiambo@gmail.com>
To: Tamar Lea <tamarlea@gmail.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: per protocol bandwidth filters for firewall
Message-ID: <991123400905040949p7351a397s199b538961647ab3@mail.gmail.com>
In-Reply-To: <1ab57dc80905040833q1573f264oe6bd77420df31c6d@mail.gmail.com>
References: <1ab57dc80905040833q1573f264oe6bd77420df31c6d@mail.gmail.com>

On Mon, May 4, 2009 at 6:33 PM, Tamar Lea <tamarlea@gmail.com> wrote:

> Hello all,
> I have inherited the job of maintaining a FreeBSD firewall that sits behind
> an ADSL line that connects 128 clients to the internet. I have not used
> FreeBSD before but have some linux experience. The connections must be
> always on though I am allowed to reboot if absolutely necessary. It is using
> ipfilter and ipnat. There have been issues with clients taking up too much
> bandwidth, so after several hours of careful testing I managed to redirect
> all traffic on port 80 to a squid service using ipnat. This uses delay pools
> to limit the max speed per user. However I would also like to limit the max
> speed per user for streaming traffic on port 1935. Would this be possible
> with the current setup and what programs or config would be able to do the
> job?

If you consider PF+ALTQ, you will be able to do what IPFilter/IPNAT is doing
now and much more - just like you desire. You will also find it quite easy
to convert the current firewall/nat rules into PF syntax.

Best of luck!

--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
"Clothes make the man. Naked people have little or no influence on
society."
  -- Mark Twain
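
A pf.conf sketch of the PF+ALTQ setup suggested above, added here as an example; it is not from the original message or from either poster. The interface names, the Squid port, and every bandwidth figure are assumptions to be replaced with the site's own values.

```conf
# /etc/pf.conf -- added example; all names and numbers are assumptions.
# ALTQ needs kernel support (options ALTQ and ALTQ_CBQ) and a NIC
# driver that supports it.

ext_if     = "tun0"   # assumed: ADSL-facing interface
int_if     = "em0"    # assumed: LAN-facing interface
squid_port = "3128"   # assumed: local Squid listener

# --- Queueing ---------------------------------------------------------
# ALTQ only shapes packets LEAVING an interface, so traffic downloaded
# by clients is shaped where it exits towards the LAN.
altq on $int_if cbq bandwidth 100Mb queue { lan_std, stream }
queue lan_std bandwidth 95% cbq(default borrow)
# No "borrow" keyword: this queue can never exceed its own share.
# The cap is per queue (all port-1935 flows together), not per client;
# a per-client cap needs one queue and one pass rule per client address.
queue stream  bandwidth 1Mb cbq

# --- Translation (replaces the ipnat map/rdr rules) --------------------
nat on $ext_if from $int_if:network to any -> ($ext_if)
rdr on $int_if proto tcp from $int_if:network to any port 80 \
    -> 127.0.0.1 port $squid_port

# --- Filtering (last matching rule wins) -------------------------------
block in on $ext_if all
pass out on $ext_if keep state
pass in on $int_if from $int_if:network to any keep state
# The queue name is stored in the state entry, so reply packets of
# these connections are placed in "stream" when they leave $int_if.
pass in on $int_if proto tcp from $int_if:network to any port 1935 \
    keep state queue stream
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, and `pfctl -vs queue` shows per-queue counters once the ruleset is active.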