IPFW transparent VS dummynet rules
budsz
budiyt at gmail.com
Sat Jan 7 07:42:56 UTC 2012
Hi folks,
I already found the mistake of my ruleset sequence on my box, for ex:
${fwcmd} add 30 fwd ${ipproxy},${portproxy} tcp from ${ipclproxy} to
any dst-port ${porthttp} in via ${ifint0}
${fwcmd} add 52 pipe 2 ip from any to ${ipclient} via ${ifint0}
${fwcmd} add 53 pipe 3 ip from ${ipclient} to any via ${ifint0}
${fwcmd} pipe 2 config bw ${bwcldown} mask dst-ip 0xffffffff
${fwcmd} pipe 3 config bw ${bwclup} mask src-ip 0xffffffff
With this ruleset sequence, the limiter didn't work but fwd rules working.
If I switching like:
${fwcmd} add 52 pipe 2 ip from any to ${ipclient} via ${ifint0}
${fwcmd} add 53 pipe 3 ip from ${ipclient} to any via ${ifint0}
${fwcmd} pipe 2 config bw ${bwcldown} mask dst-ip 0xffffffff
${fwcmd} pipe 3 config bw ${bwclup} mask src-ip 0xffffffff
${fwcmd} add 70 fwd ${ipproxy},${portproxy} tcp from ${ipclproxy} to
any dst-port ${porthttp} in via ${ifint0}
The limiter working but fwd didn't work. Anyone have a clue for fix
this dilemma?
Thank You
--
budsz
More information about the freebsd-ipfw
mailing list