From owner-freebsd-questions@FreeBSD.ORG Fri Oct 9 17:23:53 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 40CE6106568D for ; Fri, 9 Oct 2009 17:23:53 +0000 (UTC) (envelope-from alexus@gmail.com) Received: from mail-yx0-f171.google.com (mail-yx0-f171.google.com [209.85.210.171]) by mx1.freebsd.org (Postfix) with ESMTP id EEB838FC1F for ; Fri, 9 Oct 2009 17:23:52 +0000 (UTC) Received: by yxe1 with SMTP id 1so373666yxe.3 for ; Fri, 09 Oct 2009 10:23:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=CMuDXtM2Yv/0VoqaKdaEPICwdQ9gCFDKYYkOg73r9EY=; b=RhSJCAjQPueTpnkyxffFY/fTLDc4s/pBvnoSyOZYFGtSG0i57eMAwVCgHe38WtYntR j/dR5E+JHnQ8+VB82owDSwMOufPPRVHhDDZMg9ON9WNzcuFphvnkrGbL3jqnrlYjjzl7 oXHJDaIOyWH5crosaR0KXGLGZkW/vcDLMSNgc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=dBBdMV5n1fUq+Y2C+jXkfPBK5Mjd8sy5xM82CVXFnz53MNpLKNvgfkglG61PS0wXWV 4nGG/8Ob2rs8MamHuUHb6jDouZTCyV3s30dhEgHr1ci7oXjzoiazqnZU3tsSW7nQN2lJ zRAPGtaMCMN7jnGaJP7cRn1zSmLoLOOVNuyoQ= MIME-Version: 1.0 Received: by 10.150.115.8 with SMTP id n8mr5218036ybc.64.1255109032225; Fri, 09 Oct 2009 10:23:52 -0700 (PDT) In-Reply-To: <6ae50c2d0910091022y380cbc90xd8c7599b80ef520d@mail.gmail.com> References: <6ae50c2d0910090907n7082a50brab5cdfc1cc4ca183@mail.gmail.com> <4ACF6B7F.7050408@beanfield.com> <6ae50c2d0910091022y380cbc90xd8c7599b80ef520d@mail.gmail.com> Date: Fri, 9 Oct 2009 13:23:52 -0400 Message-ID: <6ae50c2d0910091023w7656b5e7pa9421e6878ed05b5@mail.gmail.com> From: alexus To: Brent Bloxam Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-questions@freebsd.org Subject: Re: ipfw - TRAFFIC SHAPER X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Oct 2009 17:23:53 -0000 On Fri, Oct 9, 2009 at 1:22 PM, alexus wrote: > On Fri, Oct 9, 2009 at 12:57 PM, Brent Bloxam wrot= e: >> alexus wrote: >>> >>> I'm trying to fight with ipfw and unfortunately unsuccessfully... >>> >>> I created following rules >>> >>> ipfw pipe 1 config bw 1Mbit/s >>> ifpw add 8080 pipe 1 tcp from any to any src-port www >>> ifpw add 8080 pipe 1 tcp from any to any dst-port www >>> >>> yet I see peaks of my traffic is way higher them 1Mbit/s >>> i have following modules loaded through kldload >>> >>> =C2=A02 =C2=A0 =C2=A03 0xffffffff80cd3000 15db8 =C2=A0 =C2=A0ipfw.ko >>> =C2=A05 =C2=A0 =C2=A01 0xffffffff80cec000 bbc8 =C2=A0 =C2=A0 dummynet.k= o >>> >>> i even load >>> >>> 10 =C2=A0 =C2=A01 0xffffffff80e7d000 14df =C2=A0 =C2=A0 ipdivert.ko >>> >>> and that still didn't help :( >>> can anyone help me? >>> >> >> Do you have an ipfw rule allowing www traffic before rule 8080? >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.= org" >> > > no, nothing related to www, in fact the only rules I have before that > one is followings: > > 00100 19704 =C2=A0 3856110 allow ip from any to any via lo0 > 00200 =C2=A0 =C2=A0 0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0 deny ip from any to 1= 27.0.0.0/8 > 00300 =C2=A0 =C2=A0 0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0 deny ip from 127.0.0.= 0/8 to any > > that's it... > > -- > http://alexus.org/ > the other thing is kind of weird is when I do ipfw pipe show I get same results no matter how many times I do that su-3.2# ipfw pipe show 00001: 2.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte= Drp 0 tcp 72.21.81.133/80 64.237.55.83/51986 176846 168906331 44 56988 6909 su-3.2# --=20 http://alexus.org/