From owner-freebsd-questions Tue Nov 27 2:27: 5 2001 Delivered-To: freebsd-questions@freebsd.org Received: from smtp017.mail.yahoo.com (smtp017.mail.yahoo.com [216.136.174.114]) by hub.freebsd.org (Postfix) with SMTP id E75C337B6B7 for ; Tue, 27 Nov 2001 02:27:00 -0800 (PST) Received: from arvi.dik.cvut.cz (HELO arvi) (147.32.108.253) by smtp.mail.vip.sc5.yahoo.com with SMTP; 27 Nov 2001 10:27:00 -0000 Message-ID: <002201c1772e$0c2b4d90$fd6c2093@arvi> From: =?iso-8859-1?Q?Radek_V=E1clav=EDk?= To: References: <013301c176cd$bd523860$fd6c2093@arvi> <20011126164841.B418@gohan.cjclark.org> Subject: Re: IPFW rules Date: Tue, 27 Nov 2001 11:26:58 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Sorry I didn't specify my question more accurately. Of course I have used dummynet and I have also found some rules on the Internet. But unfortunaletyl none of them worked. Something like this for example: ipfw add queue 1 ip from any to 10.1.2.0/24 ipfw queue 1 config weight 5 pipe 2 mask dst-ip 0x000000ff ipfw pipe 2 config bw 300Kbit/s Doesn't work thow... So what I am asking for is not theory, but I am asking someone, to whom it actually works! I have been trying tons of different possibilities, but didn't get the right one.. I believe, someone had to face this problem before, so please help. I really don't know what to do... Thanks. [:aRVi:] RadekVaclavik@yahoo.com ICQ: 56909029 ----- Original Message ----- From: "Crist J. Clark" To: "Radek Václavík" Cc: Sent: Tuesday, November 27, 2001 1:48 AM Subject: Re: IPFW rules > On Mon, Nov 26, 2001 at 11:57:34PM +0100, Radek Václavík wrote: > [snip] > > > My problem is this one: I have a network, which has a relatively slow > > connection out to the world. And due to a lots of ftp traffic, other > > services (like ssh, telnet, vnc..etc) are getting very slow because of high > > ping and packet loss. Therefore, I would like to set priority to packets at > > different ports (for the firewall to handle these packets prior to the other > > ones - like ftp). And this is it. How to create rule for this? > > I don't want to strictly restrict the bandwitch for ftp (to have full use of > > the line for ftp when not using the other services). And even if I'd decide > > to do so (rules for this work fine), I don't know, what ports to restrict > > ( 2o only doesn't work, cause a lot of users download from different ftp > > ports). > > Look at dummynet(4) and 'pipe' rules in ipfw(8). But catching the ftp > data connections with the rules is non-trivial. I do not believe that > there is any simple functionality for this built into any tools. > -- > Crist J. Clark cjclark@alum.mit.edu > _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message