From owner-freebsd-questions Mon Jul 2 17: 6:17 2001 Delivered-To: freebsd-questions@freebsd.org Received: from www.tntpro.com (159-63.suscom-maine.net [207.5.159.63]) by hub.freebsd.org (Postfix) with ESMTP id 0DDBB37B403 for ; Mon, 2 Jul 2001 17:06:10 -0700 (PDT) (envelope-from tony@tntpro.com) Received: from TONY (tony.tntpro.com [192.168.0.10]) by www.tntpro.com (8.11.4/8.11.3) with SMTP id f6305bv69041; Mon, 2 Jul 2001 20:05:38 -0400 (EDT) (envelope-from tony@tntpro.com) Message-ID: <002501c10353$b8c79120$0a00a8c0@TONY> From: "Tony" To: "Richard Smith" , "Michael Lucas" Cc: References: <20010701131531.A78357@blackhelicopters.org> <20010701200306.A282@gaia.home.rdls.net> Subject: Re: dummynet question Date: Mon, 2 Jul 2001 20:04:24 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG what type of modification would need to be made if I was running the rules on a firewall instead of the webserver itself? I have gone online and read all the reference material I can find and can't seem to find the solution. my firewall has two interfaces 192.168.0.1 and 207.5.xxx.xx, my webserver is on 192.168.0.100 I would love some help, I tried the rulse as micheal had them, but to no avail... root:~# ipfw -a list 00050 1124169 673224297 divert 8668 ip from any to any via ed0 00100 10012 1012606 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 00350 0 0 pipe 1 tcp from 192.168.1.100 to any out 65000 2266497 1348187861 allow ip from any to any 65535 3 452 deny ip from any to any root:~# ----- Original Message ----- From: "Richard Smith" To: "Michael Lucas" Cc: Sent: Sunday, July 01, 2001 3:03 PM Subject: Re: dummynet question > On Sun, Jul 01, 2001 at 01:15:31PM -0400, Michael Lucas wrote: > > Hello, > > > > I have several Web sites, with different IP addresses, on one server. > > I would like to limit each individual site to 128k of outbound traffic. > > > > ipfw add 00100 pipe 1 ip from a.b.c.d to any > > ipfw add 00200 pipe 2 ip from a.b.c.e to any > > .... > > > > ipfw pipe 1 config bw 128Kbit/s > > ipfw pipe 2 config bw 128Kbit/s > > ... > > > > Could I simplify this into pointing each IPFW rule into "pipe 1", > > throttling each to 128K? Or would they share the bandwidth, or would > > something else funky happen? > > No. They would all share the same 128K pipe. Your former approach > is the correct one. [I am assuming that the rules run on the web > server itself, otherwise they may need modification] > > Richard. > > -- > Richard Smith > Network Systems Director > Satamatics Ltd > Green Lane, Tewkesbury, GL20 8HD, United Kingdom > Tel: +44 1684 278610 > Fax: +44 1684 278611 > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message