I'm beginning to see that I was very unclear in my original post. In an
attempt to simplify my question I left out some important information which
is key to understanding what needs to happen to solve my problem. My
apologies for that.
Let's say I have 25 users on my WLAN. 21 are "residential" customers and 4
are "commercial" customers. So I really have 2 problems - 1 is shaping
traffic differently for each class of customer and 2 is limiting bandwidth
differently in each direction for each class. Problem 2 solves an issue
with wireless LANs called the "hidden node" problem. The technical details
are outside the scope of this but if you're really interested you can do a
Google search and you'll find out all about the hidden node problem.
So now what I do (I am currently doing this with a very expensive commercial
box which I'd obviously like to replace) is group my 21 users into 3 groups
of 7 and assign each group 512kb downstream BW and 64KB upstream BW. I then
create an individual group for each of the commercial customers with as much
bandwidth as they've paid for. My current solution also has a nice feature
I'd like to include (though it's not critical) which limits "unknown"
stations (MAC addresses we don't recognize) to its own set of bandwidth.
So I guess to boil this down further, I need to be able to set up asymmetric
pipes and assign MAC addresses (IPFW2 can do this right?) to the pipes. A
nice PHP GUI would be a nice plus.
I'll get it all figured out eventually - I just didn't want to reinvent the
wheel and like I said earlier, firewall rules are not my strong suit.
Sorry for being so long-winded and that my original post caused so much