From owner-freebsd-ipfw Sat Apr 27 23:15:36 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 7D84E37B41A for ; Sat, 27 Apr 2002 23:15:32 -0700 (PDT) Received: (from rizzo@localhost) by iguana.icir.org (8.11.6/8.11.3) id g3S6FSo63299; Sat, 27 Apr 2002 23:15:28 -0700 (PDT) (envelope-from rizzo) Date: Sat, 27 Apr 2002 23:15:28 -0700 From: Luigi Rizzo To: Andre Albsmeier Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: bandwith shaping only for big tcp packets Message-ID: <20020427231528.B63189@iguana.icir.org> References: <20020425095301.A18975@curry.mchp.siemens.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020425095301.A18975@curry.mchp.siemens.de> User-Agent: Mutt/1.3.23i Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Apr 25, 2002 at 09:53:01AM +0200, Andre Albsmeier wrote: > I would like to do something like: > > ipfw add 2000 pipe 1 tcp from 192.168.128.4/32 to any len gt 100 > ipfw pipe 1 config bw 4KBytes/s queue 4KBytes > > This would mean that only packets which are bigger than 100 bytes > will be fed to pipe 1. > > Any ideas? well you'd need to write the necessary extensions in the ipfw matching code to implement the "gt NN" part. I can partly see the point of what you are asking (e.g. differentiating interactive ssh sessions from scp and other bulk transfers-over-ssh stuff) but: 1) i wonder if, for the time being, you cannot achieve the same by e.g. looking at the PSH flag in TCP packets; 2) it is probably about time that someone implements the ability to run BPF code segments for packet matching in ipfw rules! cheers luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message