From owner-freebsd-ipfw@FreeBSD.ORG Mon Dec 12 11:07:26 2011 Return-Path: Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2117E106567E for ; Mon, 12 Dec 2011 11:07:26 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 0EE678FC23 for ; Mon, 12 Dec 2011 11:07:26 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id pBCB7Pbo030054 for ; Mon, 12 Dec 2011 11:07:25 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id pBCB7PHh030052 for freebsd-ipfw@FreeBSD.org; Mon, 12 Dec 2011 11:07:25 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 12 Dec 2011 11:07:25 GMT Message-Id: <201112121107.pBCB7PHh030052@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-ipfw@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-ipfw@FreeBSD.org X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Dec 2011 11:07:26 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/158066 ipfw [ipfw] ipfw + netgraph + multicast = multicast packets o kern/157796 ipfw [ipfw] IPFW in-kernel NAT nat loopback / Default Route o kern/157689 ipfw [ipfw] ipfw nat config does not accept nonexistent int o kern/156770 ipfw [ipfw] [dummynet] [patch]: performance improvement and f kern/155927 ipfw [ipfw] ipfw stops to check packets for compliance with o bin/153252 ipfw [ipfw][patch] ipfw lockdown system in subsequent call o kern/153161 ipfw IPFIREWALL does not allow specify rules with ICMP code o kern/152113 ipfw [ipfw] page fault on 8.1-RELEASE caused by certain amo o kern/148827 ipfw [ipfw] divert broken with in-kernel ipfw o kern/148689 ipfw [ipfw] antispoof wrongly triggers on link local IPv6 a o kern/148430 ipfw [ipfw] IPFW schedule delete broken. o kern/148091 ipfw [ipfw] ipfw ipv6 handling broken. o kern/143973 ipfw [ipfw] [panic] ipfw forward option causes kernel reboo o kern/143621 ipfw [ipfw] [dummynet] [patch] dummynet and vnet use result o kern/137346 ipfw [ipfw] ipfw nat redirect_proto is broken o kern/137232 ipfw [ipfw] parser troubles o kern/135476 ipfw [ipfw] IPFW table breaks after adding a large number o f kern/129036 ipfw [ipfw] 'ipfw fwd' does not change outgoing interface n p kern/128260 ipfw [ipfw] [patch] ipfw_divert damages IPv6 packets o kern/127230 ipfw [ipfw] [patch] Feature request to add UID and/or GID l o kern/122963 ipfw [ipfw] tcpdump does not show packets redirected by 'ip s kern/121807 ipfw [request] TCP and UDP port_table in ipfw o kern/121122 ipfw [ipfw] [patch] add support to ToS IP PRECEDENCE fields o kern/116009 ipfw [ipfw] [patch] Ignore errors when loading ruleset from o bin/104921 ipfw [patch] ipfw(8) sometimes treats ipv6 input as ipv4 (a o kern/104682 ipfw [ipfw] [patch] Some minor language consistency fixes a o kern/103454 ipfw [ipfw] [patch] [request] add a facility to modify DF b o kern/103328 ipfw [ipfw] [request] sugestions about ipfw table o kern/102471 ipfw [ipfw] [patch] add tos and dscp support o kern/97951 ipfw [ipfw] [patch] ipfw does not tie interface details to o kern/95084 ipfw [ipfw] [regression] [patch] IPFW2 ignores "recv/xmit/v o kern/86957 ipfw [ipfw] [patch] ipfw mac logging o bin/83046 ipfw [ipfw] ipfw2 error: "setup" is allowed for icmp, but s o kern/82724 ipfw [ipfw] [patch] [request] Add setnexthop and defaultrou o bin/78785 ipfw [patch] ipfw(8) verbosity locks machine if /etc/rc.fir o kern/60719 ipfw [ipfw] Headerless fragments generate cryptic error mes s kern/55984 ipfw [ipfw] [patch] time based firewalling support for ipfw o kern/48172 ipfw [ipfw] [patch] ipfw does not log size and flags o kern/46159 ipfw [ipfw] [patch] [request] ipfw dynamic rules lifetime f a kern/26534 ipfw [ipfw] Add an option to ipfw to log gid/uid of who cau 40 problems total. From owner-freebsd-ipfw@FreeBSD.ORG Thu Dec 15 14:39:54 2011 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CCFA0106564A for ; Thu, 15 Dec 2011 14:39:54 +0000 (UTC) (envelope-from mira@chlastak.cz) Received: from mail.intime.cz (mail.intime.cz [188.175.134.236]) by mx1.freebsd.org (Postfix) with ESMTP id 8C5EC8FC17 for ; Thu, 15 Dec 2011 14:39:54 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.intime.cz (Postfix) with ESMTP id 0EC9590DF4D for ; Thu, 15 Dec 2011 15:24:55 +0100 (CET) X-Virus-Scanned: amavisd-new at mail.intime.cz Received: from mail.intime.cz ([127.0.0.1]) by localhost (mail.intime.cz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id puzk28U-AmMf for ; Thu, 15 Dec 2011 15:24:49 +0100 (CET) Received: from [10.200.1.172] (unknown [89.233.138.158]) by mail.intime.cz (Postfix) with ESMTPSA id 0571A90E015 for ; Thu, 15 Dec 2011 15:24:49 +0100 (CET) Message-ID: <4EEA031E.6090201@chlastak.cz> Date: Thu, 15 Dec 2011 15:24:30 +0100 From: Miroslav Chlastak User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:8.0) Gecko/20111105 Thunderbird/8.0 MIME-Version: 1.0 To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=ISO-8859-2; format=flowed Content-Transfer-Encoding: 7bit Subject: better sharing connectivity in queue X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: mira@chlastak.cz List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Dec 2011 14:39:54 -0000 Hi all, is there (ipfw/dummynet) any mechanism, how to queue network traffic like PCQ in Mikrotik (http://wiki.mikrotik.com/wiki/Manual:Queues_-_PCQ)? What can I do - better sharing of internet conectivity for clients in LAN (better balanced). If i have 1 queue (e.g. 10Mbps) with 10 clients ip address and one client have heavy load on network, than this client have most of "speed" of this queue. Example of my queue config: ipfw pipe 1 config bw 10Mbps queue 16Kbytes ipfw pipe 2 config bw 10Mbps queue 16Kbytes ipfw queue 1 config pipe 1 mask src-ip 0xffffffff queue 16Kbytes ipfw queue 2 config pipe 2 mask dst-ip 0xffffffff queue 16Kbytes Client to queue config: ipfw add queue 1 ip from client_ip to any ipfw add queue 2 ip from any to client_ip