From owner-freebsd-questions@FreeBSD.ORG  Wed Feb  3 06:31:31 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 24119106568D
	for <questions@freebsd.org>; Wed,  3 Feb 2010 06:31:31 +0000 (UTC)
	(envelope-from alexus@gmail.com)
Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com
	[209.85.210.172])
	by mx1.freebsd.org (Postfix) with ESMTP id DB0188FC14
	for <questions@freebsd.org>; Wed,  3 Feb 2010 06:31:30 +0000 (UTC)
Received: by yxe2 with SMTP id 2so840808yxe.7
	for <questions@freebsd.org>; Tue, 02 Feb 2010 22:31:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:reply-to:date:message-id
	:subject:from:to:content-type;
	bh=6Sx+3Fc1myGwxVcuZMyWsvgLHpyb3tDmdJ0N1scWXL4=;
	b=tUyQH+s61Xrrqq+pG1VqiH5fd06cAQd5DSdBMNsWt5VMxDMJupLwe896r7we3i0+cp
	jWJpCN974c0vdBvCMm/hHeEDTIE7RfRbu8GjbO7oxzER9jo2TEiyGdgNKac4XIXGBZcN
	SiDmGrrhJpVXpLwTEWdU1SyyQYfA/GdxlJIfM=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:reply-to:date:message-id:subject:from:to:content-type;
	b=jhKOqkeTA6Xpxgc+k9CC8h14EPDEmaqz+p4QFkHVgfOO4I0FGgd1MYlD6mL5I2ItLU
	6fhu9jBr/ikZi4ADJMX+6eFGA50T3gtltI4c5LcNlgvOTfhtR/hce6PTBtKRr6A0U478
	gSEVPIl6QpsVVUGbpiTkWeg3kQBCZnUp9fzK4=
MIME-Version: 1.0
Received: by 10.150.165.16 with SMTP id n16mr10197268ybe.84.1265177303751; 
	Tue, 02 Feb 2010 22:08:23 -0800 (PST)
Date: Wed, 3 Feb 2010 01:08:23 -0500
Message-ID: <6ae50c2d1002022208x5551c062nc3f4bd365cee62@mail.gmail.com>
From: alexus <alexus@gmail.com>
To: questions@freebsd.org
Content-Type: text/plain; charset=UTF-8
Cc: 
Subject: FreeBSD Traffic Shaping
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: google@alexus.org
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Feb 2010 06:31:31 -0000

Hi

I'm trying to do traffic shaping with FreeBSD, here are my rules

su-3.2# ipfw pipe show
00001:   1.000 Mbit/s    0 ms   50 sl. 1 queues (1 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp
  0 tcp     64.237.55.83/60546 206.223.183.156/80    35704818
2711309193  0    0   0
00002:   1.000 Mbit/s    0 ms   50 sl. 1 queues (1 buckets) droptail
    mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp
  0 tcp  206.223.183.156/80       64.237.55.83/60546 46186238
55031603690  0    0 585064
su-3.2# ipfw show
00100  50878094  8828324288 allow ip from any to any via lo0
00200         0           0 deny ip from any to 127.0.0.0/8
00300         0           0 deny ip from 127.0.0.0/8 to any
08025   7985221  2441309667 allow tcp from any to any dst-port 25
08110   2921293   144559774 allow tcp from any to any dst-port 110
08143    207578    11273485 allow tcp from any to any dst-port 143
08381  35704746  2711287847 pipe 1 tcp from any to any dst-port 80 uid daemon
08382  46186754 55032183316 pipe 2 tcp from any 80 to any uid daemon
08993   1304764   130695084 allow tcp from any to any dst-port 993
08995    637970    56234323 allow tcp from any to any dst-port 995
65000 124980086 87768197494 allow ip from any to any
65535         0           0 deny ip from any to any
su-3.2#

first of all why when I run ipfw pipe 1 show i get same source and
destination ip, that doesnt seem like ever change yet total
packets/bytes increasing

and most important question, after donig all that I'm looking at my
MRTG stats and I see i'm very well over 1Mbit/s limit. main services
that i run on my box is web and mail

what am I doing wrong?

here is config file

su-3.2# cat /etc/ipfw.rules
flush
pipe flush
pipe 1 config bw 1Mbit/s mask src-port www
pipe 2 config bw 1Mbit/s mask src-port www
add 100 allow ip from any to any via lo0
add 200 deny ip from any to 127.0.0.0/8
add 300 deny ip from 127.0.0.0/8 to any
add 8381 pipe 1 tcp from any to any dst-port www uid daemon
add 8382 pipe 2 tcp from any to any src-port www uid daemon
add 8025 allow tcp from any to any dst-port smtp
add 8110 allow tcp from any to any dst-port pop3
add 8143 allow tcp from any to any dst-port imap
add 8993 allow tcp from any to any dst-port imaps
add 8995 allow tcp from any to any dst-port pop3s
add 65000 pass all from any to any
su-3.2# uptime
 6:06AM  up 25 days,  3:48, 1 user, load averages: 0.04, 0.03, 0.00
su-3.2# uname -rp
7.2-RELEASE-p6 amd64
su-3.2#


-- 
http://alexus.org/