From owner-freebsd-ipfw@FreeBSD.ORG Mon Jan 5 23:32:18 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CF5EC16A4CE for ; Mon, 5 Jan 2004 23:32:18 -0800 (PST) Received: from babyruth.hotpop.com (babyruth.hotpop.com [204.57.55.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9C11143D1F for ; Mon, 5 Jan 2004 23:32:17 -0800 (PST) (envelope-from dragon@phreaker.net) Received: from phreaker.net (kubrick.hotpop.com [204.57.55.16]) by babyruth.hotpop.com (Postfix) with SMTP id 9D1B6211563 for ; Tue, 6 Jan 2004 07:27:56 +0000 (UTC) Received: from dragonlord (cpe-64-4-106-185.carters-hsw.ntelos.net [64.4.106.185]) by smtp-2.hotpop.com (Postfix) with ESMTP id E792B1800A9 for ; Tue, 6 Jan 2004 07:27:52 +0000 (UTC) Message-ID: <200401060232090840.06D4EA3A@smtp.phreaker.net> In-Reply-To: <20040105200045.553EA16A4F2@hub.freebsd.org> References: <20040105200045.553EA16A4F2@hub.freebsd.org> X-Mailer: Calypso Version 3.30.00.00 (4) Date: Tue, 06 Jan 2004 02:32:09 -0500 From: "Dragon" To: freebsd-ipfw@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-HotPOP: ----------------------------------------------- Sent By HotPOP.com FREE Email Get your FREE POP email at www.HotPOP.com ----------------------------------------------- Subject: Re: bw limit of http downloads? X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Jan 2004 07:32:18 -0000 >Message: 1 >Date: Sun, 4 Jan 2004 13:01:58 -0800 (PST) >From: tony@saign.com >Subject: bw limit of http downloads? >To: ipfw@freebsd.org >Message-ID: <3466.66.146.166.53.1073250118.squirrel@p3.saignon.net> >Content-Type: text/plain;charset=3Diso-8859-1 > >I've been toying with the idea of limiting port 80 downloads from my box. >Seems some people can't be polite, and do it themselves?? > >Is their a quick way using a single pipe/queue to restrict port 80 to say >128K downloads? > >Thanks, >-Tony Since the ipfw(8) manual page can be a little confusing for someone little experience using pipes, try the following. Let's say 1.2.3.4 is the IP address that you have your httpd running on, rule number 400 is where the piping is to placed, and dc0 is the network= interface: ipfw pipe 1 config bw 128KBytes/s mask src-ip 1.2.3.4 ipfw add 400 pipe 1 tcp from 1.2.3.4 80 to any out via dc0 You can also use address/masklen (ie. 1.2.3.4/24) in place of a single= address if you have your httpd running on multiple addresses. I hope this gives you a good example. -Alec Masters