From owner-freebsd-questions  Sat Feb  5  9:44:42 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101])
	by builder.freebsd.org (Postfix) with ESMTP id 5D20E45DB
	for <freebsd-questions@FreeBSD.ORG>; Sat,  5 Feb 2000 09:44:39 -0800 (PST)
Received: (from dan@localhost)
	by dan.emsphone.com (8.9.3/8.9.3) id LAA01243;
	Sat, 5 Feb 2000 11:45:02 -0600 (CST)
	(envelope-from dan)
Date: Sat, 5 Feb 2000 11:45:02 -0600
From: Dan Nelson <dnelson@emsphone.com>
To: Steve Hovey <shovey@buffnet.net>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Limiting bandwidth
Message-ID: <20000205114502.A1160@dan.emsphone.com>
References: <20000204134302.B18195@dan.emsphone.com> <Pine.BSF.4.05.10002050834280.16361-100000@buffnet11.buffnet.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0.1i
In-Reply-To: <Pine.BSF.4.05.10002050834280.16361-100000@buffnet11.buffnet.net>; from "Steve Hovey" on Sat Feb  5 08:35:22 GMT 2000
X-OS: FreeBSD 4.0-CURRENT
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In the last episode (Feb 05), Steve Hovey said:
> > > One last question then on a point that isnt clear in my head.
> > > 
> > > The traffic I want to limit is gatewayed  ed0 <--> fxp0
> > > 
> > > Do the statements/setup below only apply to packets destined for
> > > that interface (to be gated or for it specifically), ignoring all
> > > other packets on that ethernet? (I think all adapters see all
> > > packets, but only accept, deal with those corresponding to their
> > > IP or to be routed no?)
> > 
> > If you're asking whether machine B can arbitrarily block packets
> > going from machine A to machine C if they are all on the same hub,
> > the answer
> 
> Nope - Two ethernet cards on different wires. Packets passing through
> as a router.

If ipfw didn't filter in that case, it wouldn't be a very good
firewall, would it? :)  If it passes through the computer, you can
filter it with ipfw.  Of course, you can only do certain neat things
(like uid/gid filtering) if the packet's source or destination is on
the ipfw machine.

-- 
	Dan Nelson
	dnelson@emsphone.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message