Date:      Wed, 22 Oct 2003 16:10:05 +0200
From:      Aleksandar Simonovski <aleksandar@unet.com.mk>
To:        freebsd-ipfw@freebsd.org
Subject:   gateway/firewall script
Message-ID:  <20031022161005.77a50af1.aleksandar@unet.com.mk>

this is my script, works just fine, its purpose is to allow just www, ftp and dns requests
but i get only 6KB/s transfer with config bw 128Kbit/s, and 3KB/s with 64Kbit/s and so on
and it should be 16KB/s with 128Kbit/s and 8KB/s with 64Kbit/s and so on, so is this right or
am i missing something?

any comments on the script would be fine

INTINF = rl1
EXTINF = rl0

# natd is running
natd -n rl0

#!/bin/sh
-f flush
add 1000 divert 8668 ip from any to any via rl0
add 1200 allow ip from any to any via lo0
add 1300 deny ip from any to 127.0.0.1/8
add 1400 deny ip from 127.0.0.1/8 to any
add 1500 check-state
add 1550 allow icmp from any to any keep-state
add 1600 allow log udp from any to any 53 keep-state out
add 1610 allow log udp from any to any 53 keep-state in
#add 1620 allow log udp from any 53 to any keep-state in
add 1700 queue 1 log tcp from any to any 20,21 keep-state out
add 1800 queue 2 log tcp from any 20,21 to any keep-state in
add 2000 queue 3 log tcp from any to any 80 keep-state out
add 2010 queue 4 log tcp from any to any 80 keep-state in
#add 2020 queue 5 log tcp from any 80 to any keep-state in
add 2100 deny log ip from any to any
queue 1 config weight 5 pipe 1 mask all
queue 2 config weight 5 pipe 2 mask all
queue 3 config weight 5 pipe 3 mask all
queue 4 config weight 5 pipe 4 mask all
queue 5 config weight 5 pipe 5 mask all
pipe 1 config bw 128Kbit/s
pipe 2 config bw 128Kbit/s
pipe 3 config bw 128Kbit/s
pipe 4 config bw 128Kbit/s
pipe 5 config bw 128Kbit/s

Cheers,
Aleksandar
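
Added example, not part of the original message: a small Python check that follows each queue rule in the posted ruleset to its queue and pipe, reports dangling or unused queue/pipe entries, and computes the nominal per-rule ceiling from the pipe's bw value. The function names and the embedded sample are constructed for this illustration; it assumes dummynet's decimal K and M prefixes and only bit/s units.

```python
import re

# Constructed sample: the queue rules and queue/pipe config lines from the posted script.
RULESET = """\
add 1700 queue 1 log tcp from any to any 20,21 keep-state out
add 1800 queue 2 log tcp from any 20,21 to any keep-state in
add 2000 queue 3 log tcp from any to any 80 keep-state out
add 2010 queue 4 log tcp from any to any 80 keep-state in
#add 2020 queue 5 log tcp from any 80 to any keep-state in
queue 1 config weight 5 pipe 1 mask all
queue 2 config weight 5 pipe 2 mask all
queue 3 config weight 5 pipe 3 mask all
queue 4 config weight 5 pipe 4 mask all
queue 5 config weight 5 pipe 5 mask all
pipe 1 config bw 128Kbit/s
pipe 2 config bw 128Kbit/s
pipe 3 config bw 128Kbit/s
pipe 4 config bw 128Kbit/s
pipe 5 config bw 128Kbit/s
"""
UNIT = {"": 1, "K": 1_000, "M": 1_000_000}  # assumption: decimal bw prefixes

def parse(text):
    """Return (rule->queue, queue->pipe, pipe->bit/s) from active lines only."""
    rule_q, q_pipe, pipe_bw = {}, {}, {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # skip comments and commented-out rules
        if m := re.match(r"add (\d+) queue (\d+)\b", line):
            rule_q[int(m[1])] = int(m[2])
        elif m := re.match(r"queue (\d+) config\b.*\bpipe (\d+)", line):
            q_pipe[int(m[1])] = int(m[2])
        elif m := re.match(r"pipe (\d+) config\b.*\bbw (\d+)([KM]?)bit/s", line):
            pipe_bw[int(m[1])] = int(m[2]) * UNIT[m[3]]
    return rule_q, q_pipe, pipe_bw

def audit(text):
    """List dangling or unused queue/pipe references."""
    rule_q, q_pipe, pipe_bw = parse(text)
    out = [f"rule {r}: queue {q} is not configured" for r, q in sorted(rule_q.items()) if q not in q_pipe]
    out += [f"queue {q}: pipe {p} has no bw" for q, p in sorted(q_pipe.items()) if p not in pipe_bw]
    out += [f"queue {q}: no active rule uses it" for q in sorted(q_pipe) if q not in rule_q.values()]
    return out

def ceiling_kbytes(text):
    """Nominal per-rule ceiling in KB/s (1 KB = 1000 bytes) via rule -> queue -> pipe."""
    rule_q, q_pipe, pipe_bw = parse(text)
    return {r: pipe_bw[q_pipe[q]] / 8000 for r, q in rule_q.items() if q_pipe.get(q) in pipe_bw}

if __name__ == "__main__":
    print(audit(RULESET), ceiling_kbytes(RULESET))
```

On the posted ruleset this reports only that queue 5 has no active rule, and a nominal ceiling of 16 KB/s for each of rules 1700, 1800, 2000 and 2010.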


