From owner-freebsd-net@FreeBSD.ORG Thu Jul 31 13:04:58 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D6B32106567F for ; Thu, 31 Jul 2008 13:04:58 +0000 (UTC) (envelope-from mtm@wubethiopia.com) Received: from dire.wubethiopia.com (j071.v.rootbsd.net [208.79.82.223]) by mx1.freebsd.org (Postfix) with ESMTP id B421D8FC12 for ; Thu, 31 Jul 2008 13:04:58 +0000 (UTC) (envelope-from mtm@wubethiopia.com) Received: from rogue.mike.lan (unknown [213.55.86.59]) by dire.wubethiopia.com (Postfix) with ESMTPSA id 06EF24FD990C; Thu, 31 Jul 2008 13:04:32 +0000 (UTC) Message-ID: <4891B992.3040204@wubethiopia.com> Date: Thu, 31 Jul 2008 16:09:38 +0300 From: Mike Makonnen User-Agent: Thunderbird 2.0.0.12 (X11/20080323) MIME-Version: 1.0 To: Lawrence Stewart References: <48918DB5.7020201@wubethiopia.com> <489198C6.9060409@room52.net> In-Reply-To: <489198C6.9060409@room52.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Application layer classifier for ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Jul 2008 13:04:58 -0000 Lawrence Stewart wrote: > Hi Mike, > > Mike Makonnen wrote: > > [snip] > >> sharing applications which were hogging all the bandwidth. I looked >> for programs that would allow me to shape traffic according to the >> application layer protocol, but couldn't find any for FreeBSD. I >> found a couple: l7-filter and ipp2p, but these are Linux specific. >> So, I decided to write one. The result is ipfw-classifyd : >> http://people.freebsd.org/~mtm/ipfw-classifyd.tar.bz2 > > [snip] > > Unfortunately, I suspect you should have looked a bit harder: Bro > (http://www.bro-ids.org/) or Snort (http://www.snort.org/), both of > which are in the FreeBSD ports tree, would have saved you from > reinventing the wheel. > I'm not sure they have the exact type of wheel I'm looking for :-). My understanding is that their primary function is Intrusion Detection, not traffic shaping. To use them as traffic shapers would require extra work on the sysadmin's part (scripts and other types of scotch tape). Am I wrong? The ipfw-classifyd daemon, on the other hand, works directly with ipfw(4). I suspect that for traffic shaping using ipfw-classifyd would require a lot less effort than using either of the above solutions. At the very least it's an additional tool in the FreeBSD sysadmin's arsenal. BTW, my motivation for writing this program wasn't because there were no other tools that did this (as I mentioned I had already found Linux tools that would do this), but because I wanted a solution that uses FreeBSD and is BSD licensed :-) Cheers. -- Mike Makonnen | GPG-KEY: http://people.freebsd.org/~mtm/mtm.asc mtm @ FreeBSD.Org | AC7B 5672 2D11 F4D0 EBF8 5279 5359 2B82 7CD4 1F55 FreeBSD | http://www.freebsd.org