From owner-freebsd-questions@FreeBSD.ORG Wed Aug 20 08:47:06 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 77CC8106567B for ; Wed, 20 Aug 2008 08:47:06 +0000 (UTC) (envelope-from rkramer@mweb.com) Received: from mwbmarshal.mweb.com (mwbmarshal.mweb.com [196.2.141.6]) by mx1.freebsd.org (Postfix) with ESMTP id 4CF398FC0C for ; Wed, 20 Aug 2008 08:47:04 +0000 (UTC) (envelope-from rkramer@mweb.com) Received: from mwbfes1.mweb.com (Not Verified[196.2.141.73]) by mwbmarshal.mweb.com with NetIQ MailMarshal 6.0 Service Pack 1 (v6, 0, 3, 28) id ; Wed, 20 Aug 2008 10:47:00 +0200 Received: from MWBEXCH.mweb.com ([196.2.141.76]) by mwbfes1.mweb.com with Microsoft SMTPSVC(6.0.3790.3959); Wed, 20 Aug 2008 10:47:00 +0200 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable Date: Wed, 20 Aug 2008 10:46:59 +0200 Message-ID: <39DC135F7F0571489196E0B6F5D58B4A03B4606B@MWBEXCH.mweb.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Limiting bandwidth Thread-Index: AckCl52O9zSMMBxwR6G1sFbw4o4tAgACHgyg References: From: "Rudi Kramer - MWEB" To: "Erik Danielsson" , X-OriginalArrivalTime: 20 Aug 2008 08:47:00.0282 (UTC) FILETIME=[4F74E1A0:01C902A1] Cc: Subject: RE: Limiting bandwidth X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Aug 2008 08:47:06 -0000 > Erik Danielsson >=20 > Hello, >=20 > Basically I want to limit the bandwidth for a every IP address not within a > given IP range. To complicate things a bit more, I only want to limit the > bandwidth once a certain amount of data, let's say 10 GiB, has been > sent/received from an IP address outsite the IP range. >=20 > I want the traffic counter to be reset at a specific time of my choice, for > example at midnight, which means that after midnight, the traffic won't be > limited (until 10 GiB has been transferred once again). >=20 > I hope I made myself clear. >=20 > Any ideas on how to do this? >=20 Hi Eric, The best way I know how is by using PF and ALTQ. You will need to recompile your kernel to support ALTQ (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-pf. html)=20 Once that's done you will need to spend some time reading Peter Hansteen's PF manual, http://home.nuug.no/~peter/pf/. (If you are impatient you can skip straight to http://home.nuug.no/~peter/pf/en/altqintro.html but I would recommend reading the entire manual.) Once you've managed to wrap your head around pf and you've written and implemented your rule set I would also recommend installing pftop to check that your queues are working. (pftop -v queue) If you need further help, mail freebsd-pf@freebsd.org with your rule set and what's happening or not happening. Rudi