From owner-freebsd-net Mon Jan 1 16:43:34 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 16:43:32 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from totem.fix.no (totem.fix.no [213.142.66.130]) by hub.freebsd.org (Postfix) with ESMTP id 457AC37B400 for ; Mon, 1 Jan 2001 16:43:32 -0800 (PST) Received: by totem.fix.no (Postfix, from userid 1000) id 8765C3C98; Tue, 2 Jan 2001 01:43:30 +0100 (CET) Date: Tue, 2 Jan 2001 01:43:30 +0100 From: Anders Nordby To: Bill Fumerola Cc: freebsd-net@freebsd.org Subject: Re: ipfw uid rules and matching specific services for bandwidth limiting Message-ID: <20010102014330.A75512@totem.fix.no> References: <20010101210826.A69852@totem.fix.no> <20010101172409.I72273@elvis.mu.org> <20010102011418.E74504@totem.fix.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010102011418.E74504@totem.fix.no>; from anders@fix.no on Tue, Jan 02, 2001 at 01:14:18AM +0100 X-Operating-System: FreeBSD 4.1.1-STABLE X-PGP-Key: http://anders.fix.no/pgp/ X-PGP-Key-FingerPrint: 1E0F C53C D8DF 6A8F EAAD 19C5 D12A BC9F 0083 5956 Sender: anders@totem.fix.no Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Jan 02, 2001 at 01:14:18AM +0100, Anders Nordby wrote: > FYI I am running 4.1.1-STABLE as of Tue Oct 24 01:25:55 CEST 2000, and top(1) > shows all proftpd processes as being owned by root. If I filter on uid root, the rules will match the packets (I tried with specific IPs + uid root): 00010 1539 2307193 count log ip from any to 192.168.0.34 uid root 00011 881 35259 count log ip from 192.168.0.34 to any uid root But then again filtering on uid root is not what I want -- it will match ssh sessions and other things as well. And then I'm back to start.. Regards, -- Anders. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message