> On Jun 20, 2016, at 6:50 AM, Rick van der Zwet <i...@rickvanderzwet.nl> wrote:
>
> I would like to be able to limit bandwidth (upload + download) per
> client using dummynet. Yet I fail to create dynamic pipes which matches
> both upload and download at the same time. re2 is the interface on which
> the the clients are connected in network 192.168.0.0/24.
>
> I am able to limit download (300Mbit/s) with dynamic pipes using:
> ${fwcmd} pipe 1 config bw 300Kbit/s mask dst-ip 0xffffffff
> ${fwcmd} add 60000 pipe 1 ip from not me to 192.168.0.0/24 via re2 out
>
> I am able to limit upload (300Mbit/s) with dynamic pipes using:
> ${fwcmd} pipe 1 config bw 300Kbit/s mask src-ip 0xffffffff
> ${fwcmd} add 60000 pipe 1 ip from 192.168.0.0/24 to not me via re2 in
>
> I am able to limit upload+download (total 300Mbit/s) for single
> (192.168.0.10) IP using:
> ${fwcmd} pipe 1 config bw 300Kbit/s
> ${fwcmd} add 60000 pipe 1 ip from not me to 192.168.0.10/32 via re2 out
> ${fwcmd} add 60000 pipe 1 ip from 192.168.0.10/32 to not me via re2 in
>
> Yet duplicating the last one for all client IPs addresses 'feels' wrong
> and is a bit verbose. Am I able to limit upload+download bandwidth for
> multiple IPs without pre-creation of 1 pipe per client and the required
> rules?
You can create a per-IP pipe using the "mask" keyword when defining the pipe,
e.g.:
ipfw pipe 1 config bw 300Kbit/s mask src-ip 0xffffffff
However, that would create different pipes based on source IP only (regardless
of direction). I'm not sure there's a way to handle both directions in a single
pipe other than creating a static pipe per IP as you've outlined above.
JN
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
