From owner-freebsd-questions@FreeBSD.ORG Tue Sep 25 08:35:16 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 483D116A420 for ; Tue, 25 Sep 2007 08:35:16 +0000 (UTC) (envelope-from darknighter@gmail.com) Received: from nz-out-0506.google.com (nz-out-0506.google.com [64.233.162.228]) by mx1.freebsd.org (Postfix) with ESMTP id ECCB013C4B5 for ; Tue, 25 Sep 2007 08:35:15 +0000 (UTC) (envelope-from darknighter@gmail.com) Received: by nz-out-0506.google.com with SMTP id l8so1000223nzf for ; Tue, 25 Sep 2007 01:35:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=Sp/ZPVa2gaX4+Il6sRNmIb1Q3VFImu5hBU8xR09QNcc=; b=Q3atLUS32YKxn4kkcHzxpj9Kj/fXifFIYaURRXVjYtegcRky2tSVpnIJSSUpHfJwXq4lwLT5j6Wuv7PdyiWmOgHo6bPw+0X3Cp1bDT+Af73+1e7Q6+rQkzNjyd2iiScoJJ4ePveYGQMNpxYxRdbRm3um5kJZSVaKpRMlyq3X2l8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=fmV+W4dzYJwIDrIBRF6/OYsvmdKBxM1yK7OYishUCz481SzNaapBqQbjHc3XKaOVQe5QMBbOsSclGVdK7HIUX6349jGMV1guAV5mxn3udeR++B8JnyFzKz0GSWNioZ1Dap0kr+RGRliGlxS6iMua+P2gSPizCzAh/RnXpQ1aPxI= Received: by 10.115.22.1 with SMTP id z1mr7784313wai.1190707804171; Tue, 25 Sep 2007 01:10:04 -0700 (PDT) Received: by 10.141.209.10 with HTTP; Tue, 25 Sep 2007 01:10:04 -0700 (PDT) Message-ID: Date: Tue, 25 Sep 2007 03:10:04 -0500 From: "Edgardo Nuevo" To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: Bandwidth filter with ipfw don't work X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Sep 2007 08:35:16 -0000 Hi I have Freebsd 6,2 with 2 cards of network, vr1 (10.0.1.10 with access to Internet), vr0 (192.168.1.1 internal network), I have configured ipfw + dummynet, when I configure a PC with 192.168.1.x does not work, but I put an IP type 10.0.1.x its works, what's error? ############### firewall.rules ############### -f flush add 0012 skipto 20 all from any to any not layer2 in via vr0 # Define MAC's users add 0013 skipto 20 all from any to any { MAC 00:1b:24:3b:4f:xx any or MAC any 00:1b:24:3b:4f:xx } layer2 add 0014 skipto 20 all from any to any { MAC 00:1b:24:25:yy:69 any or MAC any 00:1b:24:25:yy:69 } layer2 #Deny MACs not defined add 0019 deny log logamount 100 ip from any to any MAC any any layer2 via vr0 # Enable NAT add 0020 divert natd all from any to any via vr1 # Define pipe per MAC's add pipe 1 ip from any to any MAC 00:1b:24:3b:4f:xx any in via vr0 add pipe 2 ip from any to any MAC any 00:1b:24:3b:4f:xx in via vr0 add pipe 3 ip from any to any MAC 00:1b:24:25:yy:69 any add pipe 4 ip from any to any MAC any 00:1b:24:25:yy:69 # Define bandwith per pipe pipe 1 config bw 50Kbit/s pipe 2 config bw 50Kbit/s pipe 3 config bw 6Kbit/s pipe 4 config bw 6Kbit/s add 0500 allow all from any to any ####################################################### ############### sysctl.conf ############### net.link.ether.bridge.enable=1 net.link.ether.bridge_cfg=vr1:1,vr0:2 net.link.ether.bridge_ipfw=1 net.ip.dummynet.debug=1 net.inet.ip.fw.enable=1 net.link.ether.ipfw=1 ####################################################### Thanks Dark Night Rider