Date: Sat, 7 Jan 2012 14:42:55 +0700 From: budsz <budiyt@gmail.com> To: freebsd-questions@freebsd.org Cc: freebsd-ipfw@freebsd.org Subject: IPFW transparent VS dummynet rules Message-ID: <CADM2n7j8sB2UX1-_J1RWsGFJfBQd9ZhNthCY%2BVy4VzQVcSTZ-g@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi folks,
I already found the mistake of my ruleset sequence on my box, for ex:
${fwcmd} add 30 fwd ${ipproxy},${portproxy} tcp from ${ipclproxy} to
any dst-port ${porthttp} in via ${ifint0}
${fwcmd} add 52 pipe 2 ip from any to ${ipclient} via ${ifint0}
${fwcmd} add 53 pipe 3 ip from ${ipclient} to any via ${ifint0}
${fwcmd} pipe 2 config bw ${bwcldown} mask dst-ip 0xffffffff
${fwcmd} pipe 3 config bw ${bwclup} mask src-ip 0xffffffff
With this ruleset sequence, the limiter didn't work but fwd rules working.
If I switching like:
${fwcmd} add 52 pipe 2 ip from any to ${ipclient} via ${ifint0}
${fwcmd} add 53 pipe 3 ip from ${ipclient} to any via ${ifint0}
${fwcmd} pipe 2 config bw ${bwcldown} mask dst-ip 0xffffffff
${fwcmd} pipe 3 config bw ${bwclup} mask src-ip 0xffffffff
${fwcmd} add 70 fwd ${ipproxy},${portproxy} tcp from ${ipclproxy} to
any dst-port ${porthttp} in via ${ifint0}
The limiter working but fwd didn't work. Anyone have a clue for fix
this dilemma?
Thank You
--
budsz
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADM2n7j8sB2UX1-_J1RWsGFJfBQd9ZhNthCY%2BVy4VzQVcSTZ-g>