From owner-freebsd-questions@FreeBSD.ORG  Thu Feb  8 09:14:36 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 1BDA516A402
	for <freebsd-questions@freebsd.org>;
	Thu,  8 Feb 2007 09:14:36 +0000 (UTC)
	(envelope-from rottweilertje@rottnic.nl)
Received: from rottnic.nl (rottnic.demon.nl [83.160.164.231])
	by mx1.freebsd.org (Postfix) with ESMTP id CB6EB13C478
	for <freebsd-questions@freebsd.org>;
	Thu,  8 Feb 2007 09:14:35 +0000 (UTC)
	(envelope-from rottweilertje@rottnic.nl)
Received: from localhost (unknown [127.0.0.1])
	by rottnic.nl (Postfix) with ESMTP id C98153F499;
	Thu,  8 Feb 2007 10:14:33 +0100 (CET)
X-Virus-Scanned: amavisd-new at rottnic.nl
Received: from rottnic.nl ([127.0.0.1])
	by localhost (rottnic.nl [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id t7ECHnK-bCZq; Thu,  8 Feb 2007 10:14:26 +0100 (CET)
Received: from [10.0.1.128] (rottbook.rottnet.rottnic.nl [10.0.1.128])
	by rottnic.nl (Postfix) with ESMTP id 9B5763F419;
	Thu,  8 Feb 2007 10:14:26 +0100 (CET)
In-Reply-To: <45C99F3E.9030307@sk1llz.net>
References: <45C99336.3010508@demax.sk> <45C99F3E.9030307@sk1llz.net>
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <68835456-0FB5-468D-9D11-F81702D7E049@rottnic.nl>
Content-Transfer-Encoding: 7bit
From: Guido Demmenie <rottweilertje@rottnic.nl>
Date: Thu, 8 Feb 2007 10:14:25 +0100
To: Justin Robertson <justin@sk1llz.net>
X-Mailer: Apple Mail (2.752.2)
Cc: freebsd-questions@freebsd.org
Subject: Re: Packet rate limiter
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Feb 2007 09:14:36 -0000


Jan Sebosik wrote:
> Hi
>
> is there any way how to limit packet per second [PPS] rate to  
> specified IP (group of IP) ? Linux can achieve this via IPtables.
> I`ve searched a lot of web, but nothing interesting found (for PF,  
> IPFilter, and IPFW).
>
> On Feb 7, 2007, at 10:43 AM, Justin Robertson wrote:
>> Newp. You're stuck to good old bps with ipfw or bps/cpse  
>> (connections per second established) with pf. The other method  
>> would be to use cisco netflow export data from a router being  
>> polled - then limiting traffic with one of the methods mentioned  
>> above... or just place pps limits on your router itself.


Try man dummynet(4). It is a traffic shaper used with IPFW.

--
Guido Demmenie
http://www.rottnic.nl