Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 14 Apr 2004 12:43:45 -0400
From:      "Thomas S. Crum - AAA Web Solution, Inc." <>
To:        "'Ludo Koren'" <>
Subject:   RE: limiting bandwith
Message-ID:  <001201c4223f$ad443930$6466a8c0@wolf>
In-Reply-To: <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
This is a multi-part message in MIME format.

Content-Type: text/plain;
Content-Transfer-Encoding: 7bit

Using keep-state "is" the most efficient way to do it. The config that I
sent would still allow smtp and pop through, but limited as to the
weight of the queue.  Maybe I am misunderstanding what you are saying.

Are you saying that the mail is traversing unabated by the ruleset?

Thomas S. Crum
Senior Technical Associate
Toll-free: (800) 834-0626
AAA Web Solution, Inc.
11924 W Forest Hill Boulevard
Building 22 - Mailstop 200
Wellington, FL 33414 USA
Providing full-service website design, maintenance, hosting, and
No task is too small or enterprise too large for us to help you!

-----Original Message-----
[] On Behalf Of Ludo Koren
Sent: Wednesday, April 14, 2004 11:13 AM
Subject: Re: limiting bandwith

    >> I wrote `interactive' (ticks), and I meant addresses that are
    >> used to connect to ssh, web, etc (interactive processes). All
    >> these addresses are NAT-ed. For these, your setup is working
    >> fine. Thank you very much.
    >> The problem, I still have, is the following: the SMTP is
    >> flowing through, I am not relaying e-mail on this host. It
    >> seems to me, I cannot put together a rule which pass the
    >> traffic and add it to the queue except when I use keep-state
    >> flag. In this setup (keep-state), Luigi wrote it does not work.

     > i said your configuration does not work the way you want.  It
     > is possible to write a proper configuration that does what you
     > want but it is left as an exercise to the reader.

That I had understand. The problem is, the exercise I don't know to
do, even I tried hard several days... call me stupid...

The setup is: pass 2 mail servers without NAT and add the traffic from
the LAN to WAN to the queue and limit it (or weigth it). 

If I add:

ipfw add queue 3 tcp from A to B 25 
ipfw queue 3 config weight 1 pipe 10 mask src-ip 0x000000ff
ipfw pipe 10 config bw 256Kbit/s

and remove all rules with keep-state, it stops working.

     > 	cheers luigi


_______________________________________________ mailing list
To unsubscribe, send any mail to ""


Want to link to this message? Use this URL: <$ad443930$6466a8c0>