Date: Mon, 4 Jul 2011 14:46:55 +0200 From: =?iso-8859-1?q?Gr=E9goire_Leroy?= <gregoire.leroy@retenodus.net> To: freebsd-ipfw@freebsd.org Subject: Natd + dummynet Message-ID: <201107041446.55415.gregoire.leroy@retenodus.net>
next in thread | raw e-mail | index | archive | help
Hi, I try to use dummynet with natd, but I don't understand where I must write= =20 pipes/queues lines. I want to use fair queueing on my sdsl line, and I don't understand if I mu= st=20 write rules : 1) before the firsts lines of nat 2) Between nat and chek-state 3) before allow/deny 4) After allow/deny 5) After lasts natd lines. I wonder also if pipes rules replace allow rules : if a packet is accepted = in=20 a pipe, it's also allowed, isn't it ? My rules are :=20 # Les paquets autorises sont nattes -> important $cmd 55300 divert 8868 ip from any to any in via $adsl1_if $cmd 55301 divert 8869 ip from any to any in via $adsl2_if $cmd 55302 divert 8870 ip from any to any in via $sdsl_if # On accepte les paquets autorises par keep-state $cmd 55320 check-state =2E.. some deny/allow/skipto lines ... #nat everything that get's here, should be ok as local allowed in first $cmd 61000 divert 8868 ip from $interne to any in $cmd 61100 divert 8868 ip from $interne to any out $cmd 61300 allow all from any to any $cmd 62000 divert 8869 ip from $interne to any out $cmd 62500 divert 8869 ip from $interne to any in $cmd 62700 allow all from any to any $cmd 63000 divert 8870 ip from $interne_all to any out $cmd 63500 divert 8870 ip from $interne_all to any in $cmd 63600 allow all from any to any #policy route to send traffic to correct isp $cmd 61200 fwd $isp1 ip from $adsl1_ip to any $cmd 62550 fwd $isp2 ip from $adsl2_ip to any $cmd 63700 fwd $isp3 ip from $sdsl_ip to any $cmd 65534 allow all from any to any Tkanks for your help, Gr=E9goire Leroy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201107041446.55415.gregoire.leroy>