From owner-freebsd-questions Fri Dec 27 10:27:40 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 255B937B401 for ; Fri, 27 Dec 2002 10:27:39 -0800 (PST) Received: from fuzuli.enderunix.org (64.90.191.122.nyinternet.net [64.90.191.122]) by mx1.FreeBSD.org (Postfix) with SMTP id 13A7643EC2 for ; Fri, 27 Dec 2002 10:27:33 -0800 (PST) (envelope-from freebsd@faruk.net) Received: (qmail 33584 invoked by uid 89); 27 Dec 2002 18:26:31 -0000 Message-ID: <20021227182631.33581.qmail@fuzuli.enderunix.org> From: "Omer Faruk Sen" To: freebsd-questions@freebsd.org Subject: new packets aren't injected to pipe Date: Fri, 27 Dec 2002 13:26:31 -0500 Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi. I have a firewall with both ipf and ipfw. I am using ipfw for bandwidth limiting. But I am living a problem. Not all new connections that is matched to pipe config aren't injected to pipe thus not bandwith limited. I have a very simple config of ipfw as follows: ------------------------------------ 00100 0 0 pipe 1 tcp from 10.1.0.0/16 1214 to any out xmit rl0 00200 16363 19882252 pipe 2 tcp from 10.1.0.0/16 to any 1214 out xmit rl0 00300 0 0 pipe 3 tcp from 10.1.0.0/16 80 to any out xmit rl0 00400 0 0 pipe 4 udp from 10.1.0.0/16 to any 1214 out xmit rl0 -------------------------------- and doing "ipfw pipe show 2" shows: ------------------------------ 00002: 250.000 Kbit/s 0 ms 250 KB 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 tcp 10.1.4.174/4254 212.XXX.XXX.4/1214 18300 22166032 2 1712 0 ------------------------------ but at the same time new connections are made to other x.x.x.x/1214 hosts. Any of you have lived something like that? Thanks in advance.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message