[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: queueing: give some BW to each addr (in a table)?

On 6/27/06, McLone <mclone_(_at_)_gmail_(_dot_)_com> wrote:
We have many clients here, so i wanted to do it
on my freebsd6 router, with simple cron job switching
tables in PF, but pf doesn't support a thing like
"give EACH ip in that table N kbits/s".

Yes, what you want is a list.

So i have one option now - write some pf.conf
preprocessor, with soem frontend to edit it.

If you know python, check out dfd_keeper.

There is an OpenBSD port here:

Basically you can, from a script that uses nc/netcat, add or delete
from a list relatively trivially.  It then renders the ruleset and
loads it into pf.  It looks intimidating at first but isn't really.
You have my permission to use it in your commercial environment.  Once
installed, you need to write a short python script; there is an
example in the dist (but it doesn't get installed by the port yet,

If you have any further questions, or if you want [paid] help
implementing it, email me.
"I sometimes have delusions of adequacy" -- Woody Allen
Security "guru" for rent or hire - http://www.lightconsulting.com/~travis/ -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484
freebsd-pf_(_at_)_freebsd_(_dot_)_org mailing list
To unsubscribe, send any mail to "freebsd-pf-unsubscribe_(_at_)_freebsd_(_dot_)_org"