From owner-freebsd-pf@FreeBSD.ORG Thu Aug 21 05:07:58 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E9942106564A for ; Thu, 21 Aug 2008 05:07:58 +0000 (UTC) (envelope-from eridan911@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.175]) by mx1.freebsd.org (Postfix) with ESMTP id 76AF88FC19 for ; Thu, 21 Aug 2008 05:07:58 +0000 (UTC) (envelope-from eridan911@gmail.com) Received: by ug-out-1314.google.com with SMTP id o4so879091uge.39 for ; Wed, 20 Aug 2008 22:07:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type:references; bh=XNgCsDgq8jeCF2IoHC+6cfySBKELaygxh9dcKTR3++c=; b=wXwpPbUTMLw+dOwzfnLXya7i2rhrd0JglZe6CFyYDGB0bE5WNCS9wURzyC5TkUZr65 8P1K53gQtskLH4DiY6KB9jJhbjbdvE6XTW8AP6alKhpYzz1JZpIh0d7P7oBb7cZnKax+ ru4jVl23VfR4mZnmJPCmFO3MideTdUI41s2Mk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=f2i5eO9MRbu9dqAebxOVG8LSVdVnKHRdDu4lPLOxnuj10Gl2AN4rLkr71/amcmN9wK N7qwxAXqlbwLgZb7TTqY0jl94k8ccSwYl44E0mhhzoOWcX2CsIJlEK6M9vfbjUnCImU0 s6Me1YQnt9qlskq4UcxP9Kot+yCplcNdR4tZs= Received: by 10.103.211.3 with SMTP id n3mr644086muq.43.1219295277079; Wed, 20 Aug 2008 22:07:57 -0700 (PDT) Received: by 10.103.252.13 with HTTP; Wed, 20 Aug 2008 22:07:57 -0700 (PDT) Message-ID: Date: Thu, 21 Aug 2008 07:07:57 +0200 From: "Erik Danielsson" To: freebsd-pf@freebsd.org In-Reply-To: <48AC1BCE.3050109@quis.cx> MIME-Version: 1.0 References: <48AC1BCE.3050109@quis.cx> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: Limiting bandwidth X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Aug 2008 05:07:59 -0000 Thanks guys. One question remains though. To count the total traffic from a certain IP range, should a separate PF rule with a label be used? If so, how can I reset only the labels statistics whenever I want to? On Wed, Aug 20, 2008 at 3:27 PM, Jille wrote: > Erik Danielsson wrote: > >> Hello, >> >> I'm using PF together with ALTQ, but my need of limiting bandwidth has >> changed. I need to be able to limit the bandwidth from/to a certain IP >> range, but only once a specific amount of data has been transferred >> from/to >> that IP range. At midnight I want the counter to be reset, and everything >> should start over. >> >> For example, I want to allow, let's say 10 GiB from e.g 192.168.0.1/24, >> and >> once the 10GiB limit has been reached, I want to limit the bandwidth to xx >> kbits/s until midnight. >> Any ideas how to accomplish this, can it be done using PF and ALTQ? >> >> > afaik, you can only limit the bandwith with pf/altq and not count the total > usage, and use that in rules. > The best you can do (I think), is let pf create stats of the used > bandwidth, and let some script check whether they reached the 10GiB limit, > and if so add that rule to a table that limits bandwith. > and a script that resets the counters at midmight and flush the table. > > -- Jille > >> Regards >> Erik Danielsson >> _______________________________________________ >> freebsd-pf@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >> >> >