From owner-freebsd-net@FreeBSD.ORG Sun Aug 15 19:55:53 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 74DB716AEE0 for ; Sun, 15 Aug 2004 19:55:53 +0000 (GMT) Received: from mercury.is.co.za (mercury.is.co.za [196.4.160.222]) by mx1.FreeBSD.org (Postfix) with ESMTP id E973A43D5F for ; Sun, 15 Aug 2004 19:55:52 +0000 (GMT) (envelope-from karnaugh@karnaugh.za.net) Received: from karnaugh.za.net (c3-dbn-181.dial-up.net [196.39.44.181]) by mercury.is.co.za (Postfix) with ESMTP id 0EEE4C024; Sun, 15 Aug 2004 21:55:48 +0200 (SAST) Message-ID: <411FBF4D.9090706@karnaugh.za.net> Date: Sun, 15 Aug 2004 21:53:49 +0200 From: Colin Alston User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Fargo Holiday References: <4a1299a404081414287a9ecbc@mail.gmail.com> <20040815104243.GA43915@shellma.zin.lublin.pl> <4a1299a4040815113178caa332@mail.gmail.com> In-Reply-To: <4a1299a4040815113178caa332@mail.gmail.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: [FreeBSD 5.2] Bandwith and packet throttling X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Aug 2004 19:55:53 -0000 >Thanks for the reply. The ICMP was more experiment than anything, I've >sinced removed it. Here are the results of the show commands: > >cramster# ipfw show >00050 14819576 8458459132 divert 8668 ip from any to any via dc0 >00100 250 32470 allow ip from any to any via lo0 >00200 0 0 deny ip from any to 127.0.0.0/8 >00300 0 0 deny ip from 127.0.0.0/8 to any >65000 44478701 31835950367 allow ip from any to any >65100 0 0 pipe 1 ip from 10.0.0.8 to any >65200 0 0 pipe 2 ip from any to 10.0.0.8 >65535 0 0 deny ip from any to any > > > I think you're clearly being a bit silly here. Remove rules 00200 and 00300 (I dont know why on this green earth you'd deny loopback) Also you've added an "allow all" rule right above your shaping rules. You expected them to be effective after you've just told it to allow all traffic anyway? man ipfw -- Colin Alston Quantum Logic Chicken: The chicken is distributed probabalistically on all sides of the road until you observe it on the side of your course.