From owner-freebsd-net Mon Jan 1 21:56:55 2001 From owner-freebsd-net@FreeBSD.ORG Mon Jan 1 21:56:53 2001 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id C8B0837B400 for ; Mon, 1 Jan 2001 21:56:53 -0800 (PST) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.1/8.11.1) id f025uPH69405; Mon, 1 Jan 2001 21:56:25 -0800 (PST) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200101020556.f025uPH69405@iguana.aciri.org> Subject: Re: ipfw uid rules and matching specific services for bandwidth limiting In-Reply-To: <20010102014330.A75512@totem.fix.no> from Anders Nordby at "Jan 2, 2001 1:43:30 am" To: anders@fix.no (Anders Nordby) Date: Mon, 1 Jan 2001 21:56:25 -0800 (PST) Cc: billf@mu.org, freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: rizzo@iguana.aciri.org Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org the easy way could be (probably) force the ftp daemon run as some other user, or assign a second IP to the server and make sure that the ftpd binds to the second address. But in the end, one probably might also like to have a separate namespace where processes can [be forced to] register and whose values can be used as keys by the various resource allocators (dummynet is just an example, one might want to do the same thing with filesystem clients) cheers luigi > > FYI I am running 4.1.1-STABLE as of Tue Oct 24 01:25:55 CEST 2000, and top(1) > > shows all proftpd processes as being owned by root. > > If I filter on uid root, the rules will match the packets (I tried with > specific IPs + uid root): > > 00010 1539 2307193 count log ip from any to 192.168.0.34 uid root > 00011 881 35259 count log ip from 192.168.0.34 to any uid root > > But then again filtering on uid root is not what I want -- it will match > ssh sessions and other things as well. And then I'm back to start.. > > Regards, > > -- > Anders. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message