Dummynet og ftp server

From: Mikkel Haugstrup (none@goooobi--hotmail.com.lh.bsd-dk.dk)
Date: Tue 05 Mar 2002 - 01:19:05 CET

Next message: Mads: "Flaws i PHP??"
Previous message: Sven Esbjerg: "Re: CVS tags"
Next in thread: Mikkel Haugstrup: "Re: Dummynet og ftp server"
Reply: Mikkel Haugstrup: "Re: Dummynet og ftp server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

From: "Mikkel Haugstrup" <none@goooobi--hotmail.com.lh.bsd-dk.dk>
To: <none@bsd-dk--bsd-dk.dk.lh.bsd-dk.dk>
Subject: Dummynet og ftp server
Date: Tue, 5 Mar 2002 01:19:05 +0100

Jeg har lavet følgende shell script ideén med det var at det skulle begrænse
trafikken til min ftp fra internetttet men ikke fra lokalnettet. Mtn problem
er at også connections fra mit LAN til internettet bliver begrænset til
25kb/s.

Hvad gør jeg forkert?

Skal jeg ind og definere nærmere hvilke interfaces der er tale om... der er
kun et: xl0.

<shell script>
fwcmd="/sbin/ipfw"

# Flush default settings
${fwcmd} -f flush

# pipes
pipe_in=1
pipe_out=2
pipe_out_ftp=3

lan_pipe_in=7
lan_pipe_out=8

# Enable NAT
${fwcmd} add divert natd all from any to any via xl0

# Create pipes

# Til inet connection
${fwcmd} pipe ${pipe_in} config bw 107KBytes/s
${fwcmd} pipe ${pipe_out} config bw 52KBytes/s
${fwcmd} pipe ${pipe_out_ftp} config bw 25KBytes/s

# Til LAN
${fwcmd} pipe ${lan_pipe_in} config bw 100Mbit/s
${fwcmd} pipe ${lan_pipe_out} config bw 100Mbit/s

# LAN trafik fanges 10.11.12.32-64 og 10.11.12.128-254
${fwcmd} queue 11 config pipe ${lan_pipe_in} weight 1
${fwcmd} queue 12 config pipe ${lan_pipe_out} weight 1
${fwcmd} add queue 11 tcp from 10.11.12.32/27 to me
${fwcmd} add queue 12 tcp from me to 10.11.12.32/27
${fwcmd} add queue 11 tcp from 10.11.12.128/25 to me
${fwcmd} add queue 12 tcp from me to 10.11.12.128/25

# Server data trafik
${fwcmd} queue 1 config pipe ${pipe_in} weight 1
${fwcmd} queue 2 config pipe ${pipe_out_ftp} weight 1
${fwcmd} add queue 1 tcp from any to me 20
${fwcmd} add queue 2 tcp from me 20 to any
${fwcmd} add queue 1 tcp from any to me 21
${fwcmd} add queue 2 tcp from me 21 to any
${fwcmd} add queue 1 tcp from any to me 16500-16599
${fwcmd} add queue 2 tcp from me 16500-16599 to any

# Resten af internet traffikken skal fanges
${fwcmd} queue 13 config pipe ${pipe_in} weight 100
${fwcmd} queue 14 config pipe ${pipe_out} weight 100
${fwcmd} add queue 13 ip from any to me
${fwcmd} add queue 14 ip from me to any

# Pass resten
${fwcmd} add pass all from any to any
</shell script>

/mikkel

Next message: Mads: "Flaws i PHP??"
Previous message: Sven Esbjerg: "Re: CVS tags"
Next in thread: Mikkel Haugstrup: "Re: Dummynet og ftp server"
Reply: Mikkel Haugstrup: "Re: Dummynet og ftp server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b30 : Wed 15 Nov 2006 - 18:24:19 CET