From owner-freebsd-ipfw Fri Nov 12 12: 3:41 1999 Delivered-To: freebsd-ipfw@freebsd.org Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2]) by hub.freebsd.org (Postfix) with SMTP id C93A214CF0 for ; Fri, 12 Nov 1999 12:03:34 -0800 (PST) (envelope-from bvi@rucus.ru.ac.za) Received: (qmail 2990 invoked by uid 374); 12 Nov 1999 20:03:32 -0000 Date: Fri, 12 Nov 1999 22:03:32 +0200 From: Barry Irwin To: Darcy Buskermolen Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: monitoring ipfw with mrtg? Message-ID: <19991112220332.H57266@rucus.ru.ac.za> References: <3.0.32.19991026203509.01eb9e20@mail.ok-connect.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <3.0.32.19991026203509.01eb9e20@mail.ok-connect.com>; from darcy@ok-connect.com on Tue, Oct 26, 1999 at 08:35:09PM -0700 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I've just finished writing a perl parser for ipfw rules, that then plugs the data back to mrtg, works really nicely Finishing off some of the details tonight but it should be up and avaliable in the next few hours http://rucus.ru.ac.za/~bvi/utils/mrtg or http://moria.org/~bvi/utils/mrtg Really nifty for having a look at particular traffic patterns and example of its use is at http://rucus.ru.ac.za/~quark/rucus-fw/ Hope this helps Barry On Tue 1999-10-26 (20:35), Darcy Buskermolen wrote: > Gregory > here is the information I recived when I asked the same question of the > list a while back > >Darcy Buskermolen wrote: > >> > >> Can anybody tell me how to get snmp monitoring of ipfw rules to work ? > >> > >> I've tried almost every variation of snmpwalk/get that I can thik of but > >> with no luck :/ I've done this before on linux installs but with ipfwadm. > > > >I am made module to ucd-snmpd, it works for me, but I don't tried to > >walk accross > >it, I need only get, But may be walk will work too. > > > >while build it is need to add special flag to configure for add this > >module > > > >If you interested in it, gpt it from > >http://www.plugcom.ru/~vova/ipfw-snmp.tgz > > >.iso.org.dod.internet.private.enterprises.ucdavis.ucdExperimental.ipFwRules > .ipFwBytes - byte counter > >.iso.org.dod.internet.private.enterprises.ucdavis.ucdExperimental.ipFwRules > .ipFwPackets - packet counter > > > > > >-- > > > >TSB Russian Express, Moscow > >Vladimir B. Grebenschikov, vova@express.ru > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > >with "unsubscribe freebsd-ipfw" in the body of the message > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message -- -------------------------------------------------------------------------- Barry Irwin IRC: balin@zanet (#linux) bvi@moria.org http://rucus.ru.ac.za/~bvi Whois BI414 - PMPN8EZ - http://moria.org -------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Nov 12 12: 5:49 1999 Delivered-To: freebsd-ipfw@freebsd.org Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2]) by hub.freebsd.org (Postfix) with SMTP id D7A3A14CF0 for ; Fri, 12 Nov 1999 12:05:40 -0800 (PST) (envelope-from bvi@rucus.ru.ac.za) Received: (qmail 3398 invoked by uid 374); 12 Nov 1999 20:05:36 -0000 Date: Fri, 12 Nov 1999 22:05:36 +0200 From: Barry Irwin To: ipfw@FreeBSD.ORG Subject: TOS support for FreeBSD Message-ID: <19991112220536.I57266@rucus.ru.ac.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi All I've been playing with some of the TOS stuff in ipchains under the 2.2.x kernel series on linux, and was wondering if there was any similar functionality under FreeBSD. looked at the ipfw manpage on my 3.3-stable box and cant find anything relevant. Thanks Barry -- -------------------------------------------------------------------------- Barry Irwin IRC: balin@zanet (#linux) bvi@moria.org http://rucus.ru.ac.za/~bvi Whois BI414 - PMPN8EZ - http://moria.org -------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Fri Nov 12 17:32:53 1999 Delivered-To: freebsd-ipfw@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 5286F150AE; Fri, 12 Nov 1999 17:32:52 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 423191CD435; Fri, 12 Nov 1999 17:32:52 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Fri, 12 Nov 1999 17:32:52 -0800 (PST) From: Kris Kennaway To: Barry Irwin Cc: ipfw@FreeBSD.ORG Subject: Re: TOS support for FreeBSD In-Reply-To: <19991112220536.I57266@rucus.ru.ac.za> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 12 Nov 1999, Barry Irwin wrote: > Hi All > > I've been playing with some of the TOS stuff in ipchains under the 2.2.x > kernel series on linux, and was wondering if there was any similar > functionality under FreeBSD. > > looked at the ipfw manpage on my 3.3-stable box and cant find anything > relevant. You neglected to mention what the "TOS stuff" does. Kris ---- Cthulhu for President! For when you're tired of choosing the _lesser_ of two evils.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Nov 13 0: 5: 1 1999 Delivered-To: freebsd-ipfw@freebsd.org Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2]) by hub.freebsd.org (Postfix) with SMTP id 2151914E29 for ; Sat, 13 Nov 1999 00:04:55 -0800 (PST) (envelope-from bvi@rucus.ru.ac.za) Received: (qmail 42987 invoked by uid 374); 13 Nov 1999 08:04:54 -0000 Date: Sat, 13 Nov 1999 10:04:54 +0200 From: Barry Irwin To: Kris Kennaway Cc: ipfw@FreeBSD.ORG Subject: Re: TOS support for FreeBSD Message-ID: <19991113100453.Q57266@rucus.ru.ac.za> References: <19991112220536.I57266@rucus.ru.ac.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: ; from kris@hub.FreeBSD.ORG on Fri, Nov 12, 1999 at 05:32:52PM -0800 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri 1999-11-12 (17:32), Kris Kennaway wrote: > On Fri, 12 Nov 1999, Barry Irwin wrote: > > > Hi All > > > > I've been playing with some of the TOS stuff in ipchains under the 2.2.x > > kernel series on linux, and was wondering if there was any similar > > functionality under FreeBSD. > > > > looked at the ipfw manpage on my 3.3-stable box and cant find anything > > relevant. > You neglected to mention what the "TOS stuff" does. > TOS is type-of-service, and is determined by bits 8->15 in the IP Header. Only 4 of these bits are actually used, and stand for : miimize delay, minimize monetary cost, maximize throughput, maximize reliability. The net effect of setting these, is that with a TOS aware router ( such as linux 2.2) one can use these to provide some presidence for ones IP traffic. The mose usefull effect I've found for this is to set minimum delay on all my ineteractive telnet/ssh and ftp command traffic, while assigning max throughput to ftp-data and http traffic. This allows me to still work with a minimal lag to various servers I'm remotely connected to, even while my dialup connection is runningat nearly 100% capacity, as opposed to the non TOS situation , of every packet takes its turn and lag becomes terrible, basically rendering interactive use while performing a large file download a waste of time. More details regarding TOS can be found in RFC 1340 (Postel) and an update in RFC 1349 (Almquist) Linux ipchanis allows one to modify the tos bits on a packet providing it matches certain rules, this is the functionality I was wondering was avaliable in FreeBSD Hope this makes things clearer -- -------------------------------------------------------------------------- Barry Irwin IRC: balin@zanet (#linux) bvi@moria.org http://rucus.ru.ac.za/~bvi Whois BI414 - PMPN8EZ - http://moria.org -------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Nov 13 16: 7:11 1999 Delivered-To: freebsd-ipfw@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 13AF314CAB; Sat, 13 Nov 1999 16:07:09 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id D9EB21CD43E; Sat, 13 Nov 1999 16:07:09 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Sat, 13 Nov 1999 16:07:09 -0800 (PST) From: Kris Kennaway To: Barry Irwin Cc: ipfw@FreeBSD.ORG Subject: Re: TOS support for FreeBSD In-Reply-To: <19991113100453.Q57266@rucus.ru.ac.za> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 13 Nov 1999, Barry Irwin wrote: > TOS is type-of-service, and is determined by bits 8->15 in the IP Header. [...] yes, I knew all this :) > Linux ipchanis allows one to modify the tos bits on a packet providing it > matches certain rules, this is the functionality I was wondering was > avaliable in FreeBSD This is what I was asking about. You might be able to do this with ipfilter, but ipfw doesn't (TOS isn't used much in the internet, AFAIK). There are probably other ways do achieve the same goal (traffic priority) on your Linux router which are more compatible with freebsd. Kris ---- Cthulhu for President! For when you're tired of choosing the _lesser_ of two evils.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Nov 13 18:54:23 1999 Delivered-To: freebsd-ipfw@freebsd.org Received: from green.myip.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 6ADC61512D; Sat, 13 Nov 1999 18:53:51 -0800 (PST) (envelope-from green@FreeBSD.org) Received: from localhost ([127.0.0.1] ident=green) by green.myip.org with esmtp (Exim 3.02 #1) id 11mpkR-000PFC-00; Sat, 13 Nov 1999 21:50:36 -0500 Date: Sat, 13 Nov 1999 21:50:35 -0500 (EST) From: Brian Fundakowski Feldman X-Sender: green@green.myip.org To: Kris Kennaway Cc: Barry Irwin , ipfw@FreeBSD.ORG Subject: Re: TOS support for FreeBSD In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 13 Nov 1999, Kris Kennaway wrote: > On Sat, 13 Nov 1999, Barry Irwin wrote: > > > TOS is type-of-service, and is determined by bits 8->15 in the IP Header. > > [...] yes, I knew all this :) > > > Linux ipchanis allows one to modify the tos bits on a packet providing it > > matches certain rules, this is the functionality I was wondering was > > avaliable in FreeBSD > > This is what I was asking about. > > You might be able to do this with ipfilter, but ipfw doesn't (TOS isn't > used much in the internet, AFAIK). There are probably other ways do > achieve the same goal (traffic priority) on your Linux router which are > more compatible with freebsd. For a modest price for time, I could have this in IPFW easily if you give me a description of what functionality is that which you want. Otherwise, I could put it on my list of things to add to the new IPFW (damn, I really need to write that paper!) when I work on that; or, I could get to it whenever I next get really bored :) > > Kris > > ---- > Cthulhu for President! For when you're tired of choosing the _lesser_ of > two evils.. > -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green@FreeBSD.org `------------------------------' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message