From owner-freebsd-ipfw@FreeBSD.ORG Sun Nov 23 11:05:03 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8748316A4CF for ; Sun, 23 Nov 2003 11:05:03 -0800 (PST) Received: from fed1mtao04.cox.net (fed1mtao04.cox.net [68.6.19.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id BFBE543FB1 for ; Sun, 23 Nov 2003 11:05:02 -0800 (PST) (envelope-from sahafeez@edgefocus.com) Received: from [192.168.64.100] ([68.4.168.164]) by fed1mtao04.cox.net (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP id <20031123190502.OLFP3905.fed1mtao04.cox.net@[192.168.64.100]> for ; Sun, 23 Nov 2003 14:05:02 -0500 Mime-Version: 1.0 (Apple Message framework v606) Content-Transfer-Encoding: 7bit Message-Id: Content-Type: text/plain; charset=US-ASCII; format=flowed To: freebsd-ipfw@freebsd.org From: Sean Hafeez Date: Sun, 23 Nov 2003 11:05:04 -0800 X-Mailer: Apple Mail (2.606) Subject: Shaping 2 types of traffic? X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Nov 2003 19:05:03 -0000 I am currently shaping all outbound and inbound user to 1mb via this: ipfw add 999 divert natd all from any to any via rl0 ipfw add pipe 1 ip from any to any in recv rl1 ipfw add pipe 2 ip from any to any out xmit rl1 ipfw pipe 1 config mask src-ip 0xffffffff bw 1024kbits/s ipfw pipe 2 config mask dst-ip 0xffffffff bw 1024kbits/s rl0 is the external interface and rl1 in the internal. Now what I would like to do is apply a different shaping for ICMP traffic while still limiting everyones individual total to 1mb. The reason for this is that we are having virus issues and I want to shape all ICMP to 64k vs. blocking it all. Thanks!