Bandwith limitations, NAT and transparent proxy

[Alexandre Fedotov]

Здравствуйте, freebsd-questions.

You need to add queue's and forward all you inside subnets to those
queues

smthing like this
${fwcmd} pipe 1 config bw 128Kbit/s queue 20Kbytes
${fwcmd} queue 1 config pipe 1 weight 50 queue 20 mask dst-ip 0x
${fwcmd} queue 2  config pipe 1 weight 50 queue 20 mask src-ip 0xfff
${fwcmd} add 4 queue 1 ip from any to 192.168.1.128/25 via em0
${fwcmd} add 40001 queue 2 ip from 192.168.1.128/25 to any via em0
> Hi !
> 
> I have FreeBSD 4.8 installed.
> There is IPFIREWALL, IPFIREWALL_FORWARD, IPDIVERT and DUMMYNET in my 
> kernel configration.
> On my FBSD gateway to the Internet I would like to use NAT (of course 
> :-))) ), transparent proxy and limit the outgoing traffic.
> xl0 (62.169.170.166/30) is the public interface, xl1 (192.168.1.1/24) is 
> the private one.
> 
> If my firewall rules look like:
> ipfw pipe 1 config bw 256Kbit/s queue 40Kbytes
> ipfw add 47 pipe 1 ip from any to any out via xl0
> ipfw add 48 allow ip from 192.168.1.1 to any
> ipfw add 49 fwd 192.168.1.1,3128 tcp from 192.168.1.0/24 to any 80
> ipfw add 50 divert 8668 ip from any to any via xl0
> ... (the rest of OPEN firewall rules)
> nothing except http (because of transparent proxy, I think) goes through 
> the gateway from the local net.
> 
> If my firewall rules look like:
> ipfw pipe 1 config bw 256Kbit/s queue 40Kbytes
> ipfw add 47 pipe 1 ip from 62.169.170.166 to any out via xl0
> ipfw add 48 allow ip from 192.168.1.1 to any
> ipfw add 49 fwd 192.168.1.1,3128 tcp from 192.168.1.0/24 to any 80
> ipfw add 50 divert 8668 ip from any to any via xl0
> ... (the rest of OPEN firewall rules)
> everything works fine except except the bandwith limitation.
> 
> Do you have any ideas, how to get these three things (bandwith 
> limitation, nat, transparent proxy) work together ?
> 
> Thanks a lot in advance.
> 
> GIGI


--
С уважением,
Alexandre Fedotov
Management Training Center
www.mtcenter.ru
mailto:[EMAIL PROTECTED]

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Bandwith limitations, NAT and transparent proxy

[Uncle GIGI]

Hi !

I have FreeBSD 4.8 installed.
There is IPFIREWALL, IPFIREWALL_FORWARD, IPDIVERT and DUMMYNET in my 
kernel configration.
On my FBSD gateway to the Internet I would like to use NAT (of course 
:-))) ), transparent proxy and limit the outgoing traffic.
xl0 (62.169.170.166/30) is the public interface, xl1 (192.168.1.1/24) is 
the private one.

If my firewall rules look like:
ipfw pipe 1 config bw 256Kbit/s queue 40Kbytes
ipfw add 47 pipe 1 ip from any to any out via xl0
ipfw add 48 allow ip from 192.168.1.1 to any
ipfw add 49 fwd 192.168.1.1,3128 tcp from 192.168.1.0/24 to any 80
ipfw add 50 divert 8668 ip from any to any via xl0
... (the rest of OPEN firewall rules)
nothing except http (because of transparent proxy, I think) goes through 
the gateway from the local net.

If my firewall rules look like:
ipfw pipe 1 config bw 256Kbit/s queue 40Kbytes
ipfw add 47 pipe 1 ip from 62.169.170.166 to any out via xl0
ipfw add 48 allow ip from 192.168.1.1 to any
ipfw add 49 fwd 192.168.1.1,3128 tcp from 192.168.1.0/24 to any 80
ipfw add 50 divert 8668 ip from any to any via xl0
... (the rest of OPEN firewall rules)
everything works fine except except the bandwith limitation.
Do you have any ideas, how to get these three things (bandwith 
limitation, nat, transparent proxy) work together ?

Thanks a lot in advance.

GIGI

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"