Timofej Dod wrote: > Hi, > > I got a firewall with ipfw + dummynet. > system is: > FreeBSD 6.1-RELEASE-p10 > > table 1 contains 211 IP addresses. > > 00502 pipe 11 ip from any to table(1) out via rl0 > 00502 skipto 2000 ip from any to table(1) > > and with pipe configured > ipfw -q pipe 11 config mask dst-ip 0xffffffff bw 256Kbit/s > > however everybody only getting half of it i.e. 128 Kbits. > also net.inet.ip.fw.one_pass: 1 doesn't seem to work properly since > counters show that skipto rule is being triggered and it should not with > the one_pass activated. > Any clues how to make it give the speed it is supposed to?
I'm absolutely no expert on this matter, but I think you have to define where the packets are going. It's got something to do with DUMMYNET or IPFW seeing the packet twice. You're probably looking for: 00502 pipe 11 ip from any to table(1) out xmit rl0 A similar rule for incoming would be: pipe 12 ip from table(1) to any in recv rl0 -- Håkon Granlund _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
