Very Computer

by **Nico Bouthoo** » Tue, 18 Aug 1998 04:00:00

--

Hello,

We like to limit the incoming traffic via our firewall, is this possible
with ipfw filter rules? The firewall machine is a freebsd 2.2.5, TIS and
apache as proxyserver.

Nico

by **Staffan Ulfber** » Tue, 18 Aug 1998 04:00:00

> We like to limit the incoming traffic via our firewall, is this possible
> with ipfw filter rules? The firewall machine is a freebsd 2.2.5, TIS and
> apache as proxyserver.

I've only used ipfw on 2.2.6, but at least that one works for me. So,
I think the answer to your question in yes (if you don't have any
special needs that cannot be expressed by the filter rules.) I don't
know how fast it is, etc., though, but if the rules are relatively
simple and the required speed not very fast (say you have a 2Mbps
Internet connection), I think it should suffice.

Staffan

by **Nico Bouthoo** » Wed, 19 Aug 1998 04:00:00

--

Sorry, now reading this post again, I see that I'm not very clear,
what I mean is limit the number of bit's/bytes per second.
Our ISP charges for a third of the full bandwidth for the incoming
traffic a fixed price, outgoing is free
A very crude solution will be a ppp connection via serial lines
to the firewall machine....

Nico

Quote:>Hello,

>We like to limit the incoming traffic via our firewall, is this possible
>with ipfw filter rules? The firewall machine is a freebsd 2.2.5, TIS and
>apache as proxyserver.

>Nico

by **Alexandre CHER** » Wed, 19 Aug 1998 04:00:00

[Posted and mailed]

Hi,

Luigi Rizzo has made an hack of IPFW to limit bandwith, it's still under development, but take a look at it

http://www.iet.unipi.it/~luigi/ip_dummynet/

I haven't try it, but it's Luigi's soft so it must be working :)

A+

by **Staffan Ulfber** » Wed, 19 Aug 1998 04:00:00

> Sorry, now reading this post again, I see that I'm not very clear,
> what I mean is limit the number of bit's/bytes per second.
> Our ISP charges for a third of the full bandwidth for the incoming
> traffic a fixed price, outgoing is free
> A very crude solution will be a ppp connection via serial lines
> to the firewall machine....

After answering your article it occurred to me that maybe a speed
limit was what you wanted, but well, then again I thought, maybe not.
Anyway, you can't use ipfw for this. I'm not well informed at all
about shaping software, but I know of some Linux package called
"shaper" that does this. As it is a kernel module, though, it is not
"easily" portble to FreeBSD. Maybe there are others?

Staffan

by **Luigi Rizz** » Wed, 19 Aug 1998 04:00:00

Quote:> Luigi Rizzo has made an hack of IPFW to limit bandwith, it's still under development, but take a look at it

> http://www.iet.unipi.it/~luigi/ip_dummynet/

> I haven't try it, but it's Luigi's soft so it must be working :)

what can i say more :)

and yes, it does work on 2.2.6 (haven't ported to 2.2.7 yet...)

cheers
luigi

-----------------------------+--------------------------------------
Luigi Rizzo | Dip. di Ingegneria dell'Informazione

tel: +39-50-568533 | via Diotisalvi 2, 56126 PISA (Italy)
fax: +39-50-568522 | http://www.iet.unipi.it/~luigi/
_____________________________|______________________________________

Very Computer

Limiting traffic with ipfw

Limiting traffic with ipfw

Limiting traffic with ipfw

Limiting traffic with ipfw

Limiting traffic with ipfw

Limiting traffic with ipfw

Limiting traffic with ipfw