[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  Garrett <glc at c dash email dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Traffic Shaper
 Date:  Sat, 15 Jan 2005 23:01:30 -0500 
On Fri, 14 Jan 2005 17:25:42 -0800, Garrett <glc at c dash email dot com> wrote:
> Does m0n0 apply the traffic shaper rules before or after any network address translation occurs?
> 

From looking at Manuel's PR's to FreeBSD with the m0n0wall patches
that change ordering, I believe it's ipfw -> ipnat -> ipfilter on
outgoing, and reverse that on incoming.  (ipfw == traffic shaping,
ipnat == NAT, ipfilter == fw rules)

So if you're talking LAN hosts going out to the internet, traffic
shaper applies before NAT.  If you're talking traffic coming into the
internet, it also applies before NAT (i.e. will still have whatever
public IP as source)

-Chris