From owner-freebsd-ipfw@FreeBSD.ORG Wed Apr 14 09:43:59 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 75F6E16A4CE for ; Wed, 14 Apr 2004 09:43:59 -0700 (PDT) Received: from server1.aaawebsolution.com (aaawebsolution.com [209.61.189.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id E8B2F43D45 for ; Wed, 14 Apr 2004 09:43:58 -0700 (PDT) (envelope-from tscrum@aaawebsolution.com) Received: from wolf (fl-well-u1-c3c-157.pbc.adelphia.net [24.54.174.157]) (authenticated)i3EGhw925662; Wed, 14 Apr 2004 11:43:58 -0500 From: "Thomas S. Crum - AAA Web Solution, Inc." To: "'Ludo Koren'" Date: Wed, 14 Apr 2004 12:43:45 -0400 Message-ID: <001201c4223f$ad443930$6466a8c0@wolf> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0013_01C4221E.26329930" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4024 In-reply-to: <200404141513.i3EFDR5R084225@lk106.tempest.sk> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2739.300 Importance: Normal X-Content-Filtered-By: Mailman/MimeDel 2.1.1 cc: ipfw@freebsd.org Subject: RE: limiting bandwith X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Apr 2004 16:43:59 -0000 This is a multi-part message in MIME format. ------=_NextPart_000_0013_01C4221E.26329930 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Using keep-state "is" the most efficient way to do it. The config that I sent would still allow smtp and pop through, but limited as to the weight of the queue. Maybe I am misunderstanding what you are saying. Are you saying that the mail is traversing unabated by the ruleset? Best, Thomas S. Crum Senior Technical Associate tscrum@aaawebsolution.com Toll-free: (800) 834-0626 AAA Web Solution, Inc. 11924 W Forest Hill Boulevard Building 22 - Mailstop 200 Wellington, FL 33414 USA Providing full-service website design, maintenance, hosting, and marketing. No task is too small or enterprise too large for us to help you! ------------------------------------------------------------------------ ---- -----Original Message----- From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org] On Behalf Of Ludo Koren Sent: Wednesday, April 14, 2004 11:13 AM To: rizzo@icir.org Cc: ipfw@freebsd.org; tscrum@aaawebsolution.com Subject: Re: limiting bandwith >> I wrote `interactive' (ticks), and I meant addresses that are >> used to connect to ssh, web, etc (interactive processes). All >> these addresses are NAT-ed. For these, your setup is working >> fine. Thank you very much. >> >> The problem, I still have, is the following: the SMTP is >> flowing through, I am not relaying e-mail on this host. It >> seems to me, I cannot put together a rule which pass the >> traffic and add it to the queue except when I use keep-state >> flag. In this setup (keep-state), Luigi wrote it does not work. > i said your configuration does not work the way you want. It > is possible to write a proper configuration that does what you > want but it is left as an exercise to the reader. That I had understand. The problem is, the exercise I don't know to do, even I tried hard several days... call me stupid... The setup is: pass 2 mail servers without NAT and add the traffic from the LAN to WAN to the queue and limit it (or weigth it). If I add: ipfw add queue 3 tcp from A to B 25 ipfw queue 3 config weight 1 pipe 10 mask src-ip 0x000000ff ipfw pipe 10 config bw 256Kbit/s and remove all rules with keep-state, it stops working. > cheers luigi Regards, lk _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" ------=_NextPart_000_0013_01C4221E.26329930--