Date: Sun, 21 Mar 2010 17:31:31 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: freebsd-questions@freebsd.org Subject: Re: sftp server with speed throttling Message-ID: <4BA657F3.9060400@infracaninophile.co.uk> In-Reply-To: <cf9b1ee01003210653l668377b7lc9002ebc68ff063d@mail.gmail.com> References: <cf9b1ee01003210653l668377b7lc9002ebc68ff063d@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 21/03/2010 13:53:16, Dan Naumov wrote:
> What are my options if I want to run an sftp server with speed
> throttling? My understanding is that openssh (which includes sftp) in
> base does not support this directly, so I would have to either use a
> custom kernel with ALTQ (and I would really rather stick to GENERIC so
> I can use freebsd-update) which sounds like a bit too much
> configuration work or pass sftp traffic through PF and throttle it
> (ugly, would also affect ssh traffic).
That's not an either-or. ALTQ is PF's traffic shaping mechanism.
Unfortunately, yes, ALTQ needs to be compiled into the kernel rather
than being loaded as a .ko. Also, PF cannot distinguish sftp traffic
from other ssh traffic: all you can do is rate limit port 22 stuff.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BA657F3.9060400>