Date: Mon, 4 May 2009 19:49:13 +0300 From: =?UTF-8?B?T2RoaWFtYm8gIOODr+OCt+ODs+ODiOODsw==?= <odhiambo@gmail.com> To: Tamar Lea <tamarlea@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: per protocol bandwidth filters for firewall Message-ID: <991123400905040949p7351a397s199b538961647ab3@mail.gmail.com> In-Reply-To: <1ab57dc80905040833q1573f264oe6bd77420df31c6d@mail.gmail.com> References: <1ab57dc80905040833q1573f264oe6bd77420df31c6d@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 4, 2009 at 6:33 PM, Tamar Lea <tamarlea@gmail.com> wrote:
> Hello all,
> I have inherited the job of maintaining a FreeBSD firewall that sits behind
> an ADSL line that connects 128 clients to the internet. I have not used
> FreeBSD before but have some linux experience. The connections must be
> always on though I am allowed to reboot if absolutely necessary. It is
> using
> ipfilter and ipnat. There have been issues with clients taking up too much
> bandwidth, so after several hours of careful testing I managed to redirect
> all traffic on port 80 to a squid service using ipnat. This uses delay
> pools
> to limit the max speed per user. However I would also like to limit the max
> speed per user for streaming traffic on port 1935. Would this be possible
> with the current setup and what programs or config would be able to do the
> job?
If you consider PF+ALTQ, you will be able to do what IPFilter/IPNAT is doing
now and much more - just like you desire. You will also find it quite easy
to convert the current firewall/nat rules into PF syntax.
Best of luck!
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
"Clothes make the man. Naked people have little or no influence on
society."
-- Mark Twain
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?991123400905040949p7351a397s199b538961647ab3>