From owner-freebsd-questions  Mon Nov 26 18:24:12 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from obsecurity.dyndns.org (adsl-64-165-226-105.dsl.lsan03.pacbell.net [64.165.226.105])
	by hub.freebsd.org (Postfix) with ESMTP id 2850E37B41B
	for <freebsd-questions@FreeBSD.ORG>; Mon, 26 Nov 2001 18:24:06 -0800 (PST)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 601AD66B27; Mon, 26 Nov 2001 18:24:05 -0800 (PST)
Date: Mon, 26 Nov 2001 18:24:05 -0800
From: Kris Kennaway <kris@obsecurity.org>
To: =?iso-8859-1?Q?Radek_V=E1clav=EDk?= <radekvaclavik@yahoo.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: IPFW rules
Message-ID: <20011126182405.A21196@xor.obsecurity.org>
References: <013301c176cd$bd523860$fd6c2093@arvi>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="UugvWAfsgieZRqgk"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <013301c176cd$bd523860$fd6c2093@arvi>; from radekvaclavik@yahoo.com on Mon, Nov 26, 2001 at 11:57:34PM +0100
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


--UugvWAfsgieZRqgk
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Nov 26, 2001 at 11:57:34PM +0100, Radek V=E1clav=EDk wrote:
> Hi all,
>=20
> I have already posted this questing on the news server, but didn't get an=
 answer :-(. Perhaps someone here (maybe the author) can help.
>=20
> My problem is this one: I have a network, which has a relatively slow
> connection out to the world. And due to a lots of ftp traffic, other
> services (like ssh, telnet, vnc..etc) are getting very slow because of hi=
gh
> ping and packet loss. Therefore, I would like to set priority to packets =
at
> different ports (for the firewall to handle these packets prior to the ot=
her
> ones - like ftp). And this is it. How to create rule for this?
> I don't want to strictly restrict the bandwitch for ftp (to have full use=
 of
> the line for ftp when not using the other services). And even if I'd deci=
de
> to do so (rules for this work fine), I don't know, what ports to restrict
> ( 2o only doesn't work, cause a lot of users download from different ftp
> ports).

Use dummynet

Kris

--UugvWAfsgieZRqgk
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD4DBQE8AvlEWry0BWjoQKURAm3TAJ0QSOK0ngI2KM6djqvd7WN281Ff4gCXV8gc
3hdsjMJHgUn+LN0LAbp2zQ==
=RvTX
-----END PGP SIGNATURE-----

--UugvWAfsgieZRqgk--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message