31.08.07 @ 07:43 Russell Fulton wrote:
Before you ask, yes I've RTFM ;) which was very imformative and there
are still some things that I have missed.
1/ Is there a way of reloading rules while maintaining the state table
or is this the default? (put another way does flush affect dynamic
rules).
Yes, it flushes dynamic rules because they depend on their parents, which
are flushed too.
2/ we are using state and also shaping traffic via pipes. What
interaction, if any is there between pipes and state? i.e. if a packet
gets sent to a pipe will other traffic that is matched by the dynamic
rule also get sent to the pipe?
Yes, it should.
3/ are pipes bidirectional? I.e. do I need to say
add 02421 pipe 6 all from 130.216.95.0/24 to any
add 02422 pipe 7 all from any to 130.216.95.0/24
Umm... that depends on what you really want. Pipe is unidirectional in
sense that you always send packets into one end, and they'll get out from
the other end. So speed is depends on where that ends are connected to. So
if you are configuring pipe to, e.g., 1 Mbit, and say "pipe 1 all from A
to B" and "pipe 1 all from B to A", then both upload+download between A
and B will be 1 Mbit, SUMMARY. And if you send "A to B" traffic into 512
Kbit pipe and "B to A" traffic into 128 Kbit pipe, than you'll get exactly
this speed, in specified directions, respectively.
--
WBR, Vadim Goncharov
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
