Date: Mon, 1 Jan 2001 21:08:26 +0100 From: Anders Nordby <anders@fix.no> To: freebsd-net@freebsd.org Subject: ipfw uid rules and matching specific services for bandwidth limiting Message-ID: <20010101210826.A69852@totem.fix.no>
next in thread | raw e-mail | index | archive | help
Hello, Are people actually using uid type rules heavily? I'm having trouble matching the packets generated by programs like Apache and ProFTPD. I believe that may be because of root binding the ports these programs use before they setuid() or something, I'm not sure. Particularly I have trouble matching the packets of active FTP, since I have random ports on both ends to deal with and can't match them by port either. Does anyone have a solution to this? Yep, this is for use with Dummynet, which works OK as long as I get to match the packets I need. :-) ProFTPD's mod_xfer module doesn't seem to be able to globally set a max. transfer rate for all transfers in total either, it seems. I suppose I can proxy the traffic and then match the packets somehow perhaps.. Cheers, -- Anders. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010101210826.A69852>