W. D. wrote:
> At 09:36 10/21/2005, Daemon, wrote:
>
>>Great!. Thanks. One possibly stupid question. What is the "Deny
>>Spoof"? Is that like;
>># Stop spoofing of your internal network range
>># ${fwcmd} add deny ip from ${iif} to any in via $
ery "open" set of rules - your choice.
> Hope this helps.
> Regards, Graham
>
>
> Daemon wrote:
>
>> I'm trying to build a firewall from scratch using man ipfw and what I
>> can find on the net. I'm doing bandwidth shaping and I'm not quit
I'm trying to build a firewall from scratch using man ipfw and what I
can find on the net. I'm doing bandwidth shaping and I'm not quite sure
where it goes as far as rule numbers. From what I can see, it matters
and I'd like to do it right. I'm using an OPEN firewall with NATD
because I'm on cab
I have a 2 part question.
#1 I have tried to set up some pipe rules to shape the bandwidth on my
internal network. They are as follows;
${iip} = internal subnet
${oif} = external Nic
${fwcmd} add 240 pipe 1 all from ${iip} to any xmit ${oif}
${fwcmd} pipe 1 config mask src-ip 0x bw 35Kb
