[ previous ] [ next ] [ threads ]
 
 From:  Justin Ellison <justin at techadvise dot com>
 To:  Steve Yates <steve at teamITS dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Traffic Shaping Question
 Date:  Tue, 18 Oct 2005 14:49:22 -0500 
On Tue, 2005-10-18 at 12:46 -0500, Steve Yates wrote:
> On Tue, 18 Oct 2005 12:09:06 -0500
> Justin Ellison <justin at techadvise dot com> wrote:
> 
> > thought he was trying to filter his internal clients accessing HTTP
> > through to the Internet.
> 
> 	That's what I thought too.  Doesn't the browser request come
> from a port > 1024 on the PC?  And go to port 80 on the web server?
> 

Ugh.  I've been working with PF/ALTQ too much lately and forgot that
m0n0wall doesn't keep state on shaping rules.  You're right, sorry for
the confusion.

For the record, Steve is right.  In summary, to shape http downloads
initiated by clients on the LAN to servers on the Internet, you create a
rule like so:

Source: *
Source Port: 80
Destination: LAN Subnet
Dest Port Range: Any
Interface WAN
Direction: In

Justin
--