ipfw dummynet 限制p2p的参考
2009-05-13 05:47:43来源:未知 阅读 ()
best sollution (and also simple) to guarantee a bandwidth (Was: Welcome to the "freebsd-isp" mailing list)Carlos Alloatti [email=freebsd-isp%40freebsd.org?Subject=best%20sollution%20%28and%20also%20simple%29%20to%20guarantee%20a%20bandwidth%20%28Was%3A%0A%09Welcome%20to%20the%20%22freebsd-isp%22%20mailing%20list%29&In-Reply-To=1116865694.4292049e6947e%40webmail.unixware.ro]calloatti at gmail.com [/email]
Mon May 23 15:15:55 PDT 2005
- Previous message:
[url=003233.html][OBORONA-SPAM] Best OSPF solution on FreeBSD? [/url]
- Next message:
[url=003236.html]W32.Klez.E removal tools [/url]
- Messages sorted by:
[url=date.html#3232][ date ][/url]
[url=thread.html#3232][ thread ][/url]
[url=subject.html#3232][ subject ][/url]
[url=author.html#3232][ author ][/url]
On 5/23/05,
ovidiue at unixware.ro
wrote:
> Citat Carlos Alloatti :
>
> > I have just done that, I set up FreeBSD with 2 network cards, bridge,
> > ipfw and dummynet. It works without a glitch, has been up for 20 days.
> >
> > Yo have to set up pipes and queues in ipfw rules
> >
>
> How many users you have ? can you send me the config files?
>
rl0 connects to Internet, rl1 connects to LAN
/etc/rc.conf
hostname="bridge.local"
network_interfaces="rl0 rl1 lo0"
ifconfig_rl1="inet xxx.xxx.xxx.xxx netmask 255.255.255.0"
defaultrouter="xxx.xxx.xxx.1"
#required for ipfw support
firewall_enable="YES"
firewall_type="/etc/rc.firewall.rules"
firewall_quiet="NO"
firewall_logging="YES"
/etc/resolv.conf
domain local
nameserver xxx.xxx.xxx.xxx
nameserver yyy.yyy.yyy.yyy
/etc/hosts
127.0.0.1 localhost.local localhost
xxx.xxx.xxx.xxx bridge.local bridge
/etc/sysctl.conf
net.link.ether.bridge.config=rl0:1,rl1:1
net.link.ether.bridge.enable=1
# Controls whether bridged packets are passed to ipfw
net.link.ether.bridge.ipfw=1
# Delta between rule numbers when auto-generating them
net.inet.ip.fw.autoinc_step=10
# Bridged packets are accepted after the first pass through the firewall
# irrespective of the setting of the sysctl variable
net.inet.ip.fw.one_pass=1
# Lazily delete dynamic pipes/queue once they have no pending traffic
net.inet.ip.dummynet.expire=1
kern.polling.enable=1
net.inet.ip.fw.verbose=1
net.inet.ip.fw.verbose_limit=5
# The blackhole sysctl(8) MIB is used to control system behaviour when con-
# nection requests are received on TCP or UDP ports where there is no
# socket listening.
net.inet.tcp.blackhole=2
标签:
版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com
特别注意:本站所有转载文章言论不代表本站观点,本站所提供的摄影照片,插画,设计作品,如需使用,请与原作者联系,版权归原作者所有
- PF做的连接数限制怎么不管用.. 2009-05-13
- 使用mod_cband管理Apache 2带宽和流量 2009-05-13
- ipf.rules 2009-05-13
- nginx下目录限制ip访问的解决办法 2009-05-13
- FreeBSD 系统管理 2009-05-13
IDC资讯: 主机资讯 注册资讯 托管资讯 vps资讯 网站建设
网站运营: 建站经验 策划盈利 搜索优化 网站推广 免费资源
网络编程: Asp.Net编程 Asp编程 Php编程 Xml编程 Access Mssql Mysql 其它
服务器技术: Web服务器 Ftp服务器 Mail服务器 Dns服务器 安全防护
软件技巧: 其它软件 Word Excel Powerpoint Ghost Vista QQ空间 QQ FlashGet 迅雷
网页制作: FrontPages Dreamweaver Javascript css photoshop fireworks Flash
