Date: Fri, 9 Oct 2009 13:23:52 -0400 From: alexus <alexus@gmail.com> To: Brent Bloxam <brentb@beanfield.com> Cc: freebsd-questions@freebsd.org Subject: Re: ipfw - TRAFFIC SHAPER Message-ID: <6ae50c2d0910091023w7656b5e7pa9421e6878ed05b5@mail.gmail.com> In-Reply-To: <6ae50c2d0910091022y380cbc90xd8c7599b80ef520d@mail.gmail.com> References: <6ae50c2d0910090907n7082a50brab5cdfc1cc4ca183@mail.gmail.com> <4ACF6B7F.7050408@beanfield.com> <6ae50c2d0910091022y380cbc90xd8c7599b80ef520d@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 9, 2009 at 1:22 PM, alexus <alexus@gmail.com> wrote: > On Fri, Oct 9, 2009 at 12:57 PM, Brent Bloxam <brentb@beanfield.com> wrot= e: >> alexus wrote: >>> >>> I'm trying to fight with ipfw and unfortunately unsuccessfully... >>> >>> I created following rules >>> >>> ipfw pipe 1 config bw 1Mbit/s >>> ifpw add 8080 pipe 1 tcp from any to any src-port www >>> ifpw add 8080 pipe 1 tcp from any to any dst-port www >>> >>> yet I see peaks of my traffic is way higher them 1Mbit/s >>> i have following modules loaded through kldload >>> >>> =C2=A02 =C2=A0 =C2=A03 0xffffffff80cd3000 15db8 =C2=A0 =C2=A0ipfw.ko >>> =C2=A05 =C2=A0 =C2=A01 0xffffffff80cec000 bbc8 =C2=A0 =C2=A0 dummynet.k= o >>> >>> i even load >>> >>> 10 =C2=A0 =C2=A01 0xffffffff80e7d000 14df =C2=A0 =C2=A0 ipdivert.ko >>> >>> and that still didn't help :( >>> can anyone help me? >>> >> >> Do you have an ipfw rule allowing www traffic before rule 8080? >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.= org" >> > > no, nothing related to www, in fact the only rules I have before that > one is followings: > > 00100 19704 =C2=A0 3856110 allow ip from any to any via lo0 > 00200 =C2=A0 =C2=A0 0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0 deny ip from any to 1= 27.0.0.0/8 > 00300 =C2=A0 =C2=A0 0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 0 deny ip from 127.0.0.= 0/8 to any > > that's it... > > -- > http://alexus.org/ > the other thing is kind of weird is when I do ipfw pipe show I get same results no matter how many times I do that su-3.2# ipfw pipe show 00001: 2.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte= Drp 0 tcp 72.21.81.133/80 64.237.55.83/51986 176846 168906331 44 56988 6909 su-3.2# --=20 http://alexus.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6ae50c2d0910091023w7656b5e7pa9421e6878ed05b5>