From owner-freebsd-ipfw Sun Sep 23 5: 8:51 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from mmu.edu.my (ext-dns.mmu.edu.my [203.106.62.11]) by hub.freebsd.org (Postfix) with ESMTP id 6E76837B40A for ; Sun, 23 Sep 2001 05:08:46 -0700 (PDT) Received: from venus.cyber.mmu.edu.my (venus.cyber.mmu.edu.my [203.106.62.12]) by mmu.edu.my (8.9.1b+Sun/8.9.1) with ESMTP id UAA25803 for ; Sun, 23 Sep 2001 20:04:56 +0800 (MYT) Received: from there ([10.100.99.40]) by venus.cyber.mmu.edu.my (8.8.8+Sun/8.8.8) with SMTP id UAA06266 for ; Sun, 23 Sep 2001 20:04:49 +0800 (SGT) Message-Id: <200109231204.UAA06266@venus.cyber.mmu.edu.my> Content-Type: text/plain; charset="iso-8859-1" From: nuzrin yaapar Reply-To: nuzrin@goose.net.my Organization: multimedia university To: freebsd-ipfw@freebsd.org Subject: dummynet rules Date: Sun, 23 Sep 2001 20:18:36 +0800 X-Mailer: KMail [version 1.3] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi all, Say if I were to limit lets says ip 192.168.50.51, 192.168.50.52, and 192.168.50.53 bandwidth to a maximum bandwidth of 64Kbit/s for all traffic. So, is the rules below anywhere near correct? ipfw add pipe 1 all from 192.168.50.51 ipfw add pipe 1 all from 192.168.50.52 ipfw add pipe 1 all from 192.168.50.53 ipfw pipe 1 config mask all bw 64Kbit/s Any suggestions or pointers is greatly appreciated. Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Wed Sep 26 2:34:51 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx9.port.ru (mx9.port.ru [194.67.57.19]) by hub.freebsd.org (Postfix) with ESMTP id 70F0637B40F for ; Wed, 26 Sep 2001 02:34:48 -0700 (PDT) Received: from [213.59.88.91] (helo=dkv.vitcom.ru) by mx9.port.ru with esmtp (Exim 3.14 #1) id 15mB5Y-0004ng-00 for freebsd-ipfw@freebsd.org; Wed, 26 Sep 2001 13:34:44 +0400 Date: Wed, 26 Sep 2001 13:33:34 +0400 From: Konstantin X-Mailer: The Bat! (v1.53d) Reply-To: Konstantin X-Priority: 3 (Normal) Message-ID: <10519792441.20010926133334@mail.ru> Disposition-Notification-To: skif_dk@mail.ru To: freebsd-ipfw@freebsd.org Subject: logging MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello freebsd-ipfw, Ipfw send to log_file message .....ipfw: 9 Accept P:47 sddr1 addr2 in via ed0 Rule 9 is: add 9 pass ip from addr1 to addr2 add 9 pass ip from addr2 ro addr1 I want connect cache(squid) with cisco-2621 for proto wccp What is it? How do i do? Best regards, Konstantin mailto:skif_dk@mail.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Wed Sep 26 10:44:43 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from smgwisys.intersys.com.mx (smgwisys.intersys.com.mx [206.65.32.41]) by hub.freebsd.org (Postfix) with SMTP id CD29D37B434 for ; Wed, 26 Sep 2001 10:44:39 -0700 (PDT) Received: by smgwisys.intersys.com.mx(Lotus SMTP MTA v4.6.4 (830.2 3-23-1999)) id 06256AD3.00670328 ; Wed, 26 Sep 2001 12:45:10 -0600 X-Lotus-FromDomain: INTERSYS@ISYS From: rrios@intersys.com.mx To: freebsd-ipfw@freebsd.org Message-ID: <06256AD3.00670172.00@smgwisys.intersys.com.mx> Date: Wed, 26 Sep 2001 12:23:51 -0600 Subject: It could be a dynamic nat-ip-pool on FreeBSD?? Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Maybe any has ever seen some configuration on PIX or FW-IOS where a pool-ip cant exist to do NAT for example: ------------------------ Router: ! interface FastEthernet0/0 ip address 148.x.x.1 255.255.255.240 secondary ip address 10.10.10.2 255.255.0.0 ip nat inside ! interface Serial0/0:0 ip address 148.x.x.1 255.255.255.252 ip nat outside ! ip nat pool internet 148.x.x.212 148.x.x.222 netmask 255.255.255.240 ip nat inside source list 1 pool internet overload ! access-list 1 permit 10.10.0.0 0.0.255.255 ------------------------- PIX: ip address outside 200.x.x.3 255.255.255.192 ip address inside 10.139.10.4 255.255.255.0 global (outside) 1 200.x.x.10-200.x.x.63 nat (inside) 1 0.0.0.0 0.0.0.0 ------------------------- I would like to know if anibody has ever try to do this in FreeBSD box, the problem is with only one IP for NAT I have problems with some aplications like IRC, Messangers etc.. "ipfw add divert natd all from any to any xl0" xl0-public It's not possible to try redirect_address becouse exist a DHCP behind and then will be problems with arp entry's, leases etc.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Thu Sep 27 8:24: 6 2001 Delivered-To: freebsd-ipfw@freebsd.org Received: from mmu.edu.my (ext-dns.mmu.edu.my [203.106.62.11]) by hub.freebsd.org (Postfix) with ESMTP id 67DB537B41F for ; Thu, 27 Sep 2001 08:23:52 -0700 (PDT) Received: from venus.cyber.mmu.edu.my (venus.cyber.mmu.edu.my [203.106.62.12]) by mmu.edu.my (8.9.1b+Sun/8.9.1) with ESMTP id XAA16568; Thu, 27 Sep 2001 23:19:35 +0800 (MYT) Received: from there ([10.100.99.41]) by venus.cyber.mmu.edu.my (8.8.8+Sun/8.8.8) with SMTP id XAA24913; Thu, 27 Sep 2001 23:19:30 +0800 (SGT) Message-Id: <200109271519.XAA24913@venus.cyber.mmu.edu.my> Content-Type: text/plain; charset="iso-8859-1" From: nuzrin yaapar Reply-To: nuzrin@goose.net.my Organization: multimedia university To: rrios@intersys.com.mx, freebsd-ipfw@FreeBSD.ORG Subject: Re: It could be a dynamic nat-ip-pool on FreeBSD?? Date: Thu, 27 Sep 2001 23:33:07 +0800 X-Mailer: KMail [version 1.3] References: <06256AD3.00670172.00@smgwisys.intersys.com.mx> In-Reply-To: <06256AD3.00670172.00@smgwisys.intersys.com.mx> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG i'm not entirely sure what you want to do, but i guess you want to map range of your internal ip to range of public ip. i guess you should have a look at ipnat(1) and ipnat(5). maybe it can do what u want. On Thursday 27 September 2001 2:23 am, rrios@intersys.com.mx wrote: > Maybe any has ever seen some configuration on PIX or FW-IOS where a pool-ip > cant exist to do NAT for example: > ------------------------ > Router: > ! > interface FastEthernet0/0 > ip address 148.x.x.1 255.255.255.240 secondary > ip address 10.10.10.2 255.255.0.0 > ip nat inside > ! > interface Serial0/0:0 > ip address 148.x.x.1 255.255.255.252 > ip nat outside > ! > ip nat pool internet 148.x.x.212 148.x.x.222 netmask 255.255.255.240 > ip nat inside source list 1 pool internet overload > ! > access-list 1 permit 10.10.0.0 0.0.255.255 > ------------------------- > PIX: > > ip address outside 200.x.x.3 255.255.255.192 > ip address inside 10.139.10.4 255.255.255.0 > global (outside) 1 200.x.x.10-200.x.x.63 > nat (inside) 1 0.0.0.0 0.0.0.0 > > ------------------------- > > > I would like to know if anibody has ever try to do this in FreeBSD box, the > problem is with only one IP for NAT I have > problems with some aplications like IRC, Messangers etc.. "ipfw add divert > natd all from any to any xl0" xl0-public > > It's not possible to try redirect_address becouse exist a DHCP behind and > then will be problems with arp entry's, leases etc.. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message