Date: Mon, 22 Mar 2010 11:30:48 +0200 From: Nikos Vassiliadis <nvass9573@gmx.com> To: Dan Naumov <dan.naumov@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: sftp server with speed throttling Message-ID: <4BA738C8.9080407@gmx.com> In-Reply-To: <cf9b1ee01003210653l668377b7lc9002ebc68ff063d@mail.gmail.com> References: <cf9b1ee01003210653l668377b7lc9002ebc68ff063d@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Dan Naumov wrote: > What are my options if I want to run an sftp server with speed > throttling? My understanding is that openssh (which includes sftp) in > base does not support this directly, so I would have to either use a > custom kernel with ALTQ (and I would really rather stick to GENERIC so > I can use freebsd-update) which sounds like a bit too much > configuration work or pass sftp traffic through PF and throttle it > (ugly, would also affect ssh traffic). You could examine the possibility of using ipfw and dummynet: 1) ipfw and dummynet are availabe in the GENERIC kernel. 2) Most of the time you can classify bulk/interactive traffic by examining the packet's length. IP packets carrying sftp traffic tend to be limited by MTU size or PMTU discovery. IP packets carrying ssh traffic tend to be much smaller. Nikos
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BA738C8.9080407>