Date: Thu, 23 Oct 2003 10:40:17 +0200 From: Aleksandar Simonovski <aleksandar@unet.com.mk> To: freebsd-net@freebsd.org Subject: Re: gateway/firewall script Message-ID: <20031023104017.4657840f.aleksandar@unet.com.mk> In-Reply-To: <3F974B06.7070304@netvulture.com> References: <20031022161353.2deeeeeb.aleksandar@unet.com.mk> <3F974B06.7070304@netvulture.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 22 Oct 2003 20:29:10 -0700 Jonathan Feally <vulture@netvulture.com> wrote: > Your problem lies in that you are counting the traffic twice in the > queue/pipe - once from the internal addr to the dst, and once from the > external addr to the dst. Change your rules to specify which IP Block > should get the bw limiting. > I don't know if the keep-state thing is throwing it out of whack or not. ok, i don't get this quite right, you meen i should change the masks to something like this: queue 1 config weight 5 pipe 1 mask src-ip 0xffffff00 queue 2 config weight 5 pipe 2 mask dst-ip 0xffffff00 queue 3 config weight 5 pipe 3 mask src-ip 0xffffff00 queue 4 config weight 5 pipe 4 mask dst-ip 0xffffff00
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031023104017.4657840f.aleksandar>