[ previous ] [ next ] [ threads ]
 
 From:  Guy Boisvert <boisvert dot guy at videotron dot ca>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] can i adadpt my linux traffic shaping rules to monowall?
 Date:  Mon, 23 Oct 2006 19:27:56 -0400 
Mark Ryan wrote:
> Guy Boisvert wrote:
>> Mark Ryan wrote:
>>>>> Hi,
>>>>> I currently use ipcop on an old machine and I love it however I am
>>>>> interested in moving to an embedded box with monowall.  I wrote my 
>>>>> own
>>>>> custom traffic shaping rules for linux and I would like to know if 
>>>>> the
>>>>> same setup is possible with monowall.  Here are my rules:
>>>>>
>>>>> #!/bin/bash
>>>>> # clear out the chain and setup a new chain
>> [Stuff deleted...]
>>>>> tc filter add dev eth1 parent 1:0  prio 2 protocol ip handle 3 fw 
>>>>> flowid
>>>>> 1:12
>>>>>
>>>>> These rules work perfectly for my setup.  They cap my ftp server 
>>>>> to 100K
>>>>> and when an email is sent, the email has priority.  The sharing and
>>>>> priority setup is also great so that the higher priority root 
>>>>> class can
>>>>> borrow from the ftp if needed.  They also allow the small ack 
>>>>> packets to
>>>>> get priority so that downloads dont suffer.
>>>>>
>>>>> Is this possible with monowall?
>>>>>
>>>>> Thanks,
>>>>> Mark
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>>>>     
>>>>
>>>>   
>>> Unfortunately the docs for the traffic shaper are sparse.  Not 
>>> enough detail to learn without actually installing monowall and 
>>> hacking away.
>>>
>>> Maybe I will just buy a WRAP package and just go for it, figure it 
>>> out later.  If I can't get monowall to shape like I want, I could 
>>> always use something else I guess.
>>>
>>> Mark
>>>
>>
>> Hi Mark (and everybody on this very dynamic list!),
>>
>> You could use VMWare server (which is free) and download a 
>> pre-installed image;
>>
>> http://www.vmware.com/download/server/
>> http://chrisbuechler.com/m0n0wall/vmware/
>>
>> I use VMWare since a couple of years and it has been invaluable for 
>> me.  It's a great software for testing.
>> Hats off to mOnOwall & pfSense!  I have boxes running around the 
>> world and i'm very satisfied!
>>
>> Guy Boisvert
>> IngTegration inc.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
> I have tried that, but i cant seem to log in with the gui.  My vmware 
> says the ethernet is 172.16.235.1 but the monowall is set to 192 
> address.  Ive tried to change the ip in monowall but no luck so far.  
> Maybe im just a moron.
>
> Mark
>
Hi Mark,

    You could use the bridge network (usually VMNet 1, to the physical 
ethernet card of the PC) and enter a secondary address in the 
172.16.235.0 subnet in your PC's ethernet card IP config.  (You can 
assign any interface to any VMNet before booting the image, then after 
re-assign as you wish).

    Provided that the mOnOwall image's WAN is set to DHCP with private 
filter disabled (and that you have DHCP in your network), you can then 
connect to this address too.  You can get the address used by your 
mOnOwall image by checking your DHCP server allocated list.

Infos provided for the mOnOwall VMWare Image:
==================================
Ethernet 1 - LAN - VMnet2  ===> You could assign this interface to your 
bridged VMNet (Maybe VMNet 1 in your case?)
Ethernet 2 - WAN - VMnet3
Ethernet 3 - OPT - VMnet4

The LAN IP is set to 192.168.96.1/24, the OPT IP is set to 
192.168.97.1/24, and the WAN is set to DHCP with block private networks 
disabled. DHCP is enabled on the LAN interface with the range 
192.168.96.51-99.

===> You may have to change the VMnets depending on the config of your 
VMWare.
===> You could assigne address 192.168.96.2 to your PC physical ethernet 
card (enter as a secondary address)

    As a complement of information, VMWare use 3 types of connections: 
Bridged, Host Only and NAT.  Host only mean that you can use your host 
OS to route (if you want) but there will not be any NATing nor routing 
by default (by VMWare).  Sure you can have an emulated mOnOwall to do 
the job of routing/firewalling for the "Host Only" emulated network!

    I don't think that you're a moron because you don't master 
something!  This term, in my opinion, reflects more an attitude: Like 
people that don't want to make any efforts and blast eveybody to have 
answers.  That doesn't seem to be your case!  Sure we may all "RTFM" 
more but sometimes, we're just humans and we can get lost on some subjects!

Hope this helped,

Guy