From: Marek Salwerowicz
Date: Mon, 28 Nov 2011 23:36:39 +0100
To: Freddie Cash, freebsd-net@freebsd.org
Subject: Re: ipfw - accessing DMZ from LAN , pipes

Hello after a longer break ;)

On 2011-10-01 22:02, Freddie Cash wrote:
> However, you could set up split-DNS or views and just configure everything to
> connect using hostnames. It's extra work to set up, but does make things
> easier down the road.

I've set up the DNS with views, and for a month everything has been working perfectly (I set up the firewall on a small net5501 Soekris box) - thanks a lot for your help!

I am confused about one thing - I wanted to set up pipes for my DMZ hosts (so as not to allow my hosts to consume all the bandwidth).

When I set up the pipes at the beginning of my firewall (before configuring the NAT), all traffic is blocked.

When I set up the pipes at the end of the firewall, they don't work (even 'ipfw show' shows no packets coming through the 'pipe' rules).

Where should the pipe rules be placed? Does it matter if I first do 'ipfw add pipe 1...' and then 'ipfw pipe 1 config...'?

Regards,
--
Marek Salwerowicz