Date: Wed, 28 Jun 2006 03:33:30 -0500 From: "Travis H." <solinym@gmail.com> To: McLone <mclone@gmail.com> Cc: pf@freebsd.org, pf@benzedrine.cx Subject: Re: queueing: give some BW to each addr (in a table)? Message-ID: <d4f1333a0606280133k7ae28321v1e6705350720338d@mail.gmail.com> In-Reply-To: <451cb3010606270521x506735aep67d18acf95de7b98@mail.gmail.com> References: <451cb3010606270521x506735aep67d18acf95de7b98@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 6/27/06, McLone <mclone@gmail.com> wrote: > We have many clients here, so i wanted to do it > on my freebsd6 router, with simple cron job switching > tables in PF, but pf doesn't support a thing like > "give EACH ip in that table N kbits/s". Yes, what you want is a list. > So i have one option now - write some pf.conf > preprocessor, with soem frontend to edit it. If you know python, check out dfd_keeper. There is an OpenBSD port here: http://www.lightconsulting.com/~travis/OpenBSD/ Basically you can, from a script that uses nc/netcat, add or delete from a list relatively trivially. It then renders the ruleset and loads it into pf. It looks intimidating at first but isn't really. You have my permission to use it in your commercial environment. Once installed, you need to write a short python script; there is an example in the dist (but it doesn't get installed by the port yet, sorry). If you have any further questions, or if you want [paid] help implementing it, email me. -- "I sometimes have delusions of adequacy" -- Woody Allen Security "guru" for rent or hire - http://www.lightconsulting.com/~travis/ -><- GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d4f1333a0606280133k7ae28321v1e6705350720338d>