[ previous ] [ next ] [ threads ]
 
 From:  Mark Ryan <markryan at cfl dot rr dot com>
 To:  Guy Boisvert <boisvert dot guy at videotron dot ca>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] can i adadpt my linux traffic shaping rules to monowall?
 Date:  Mon, 23 Oct 2006 19:44:53 -0400 
Guy Boisvert wrote:
> Mark Ryan wrote:
>> Guy Boisvert wrote:
>>> Mark Ryan wrote:
>>>>>> Hi,
>>>>>> I currently use ipcop on an old machine and I love it however I am
>>>>>> interested in moving to an embedded box with monowall.  I wrote 
>>>>>> my own
>>>>>> custom traffic shaping rules for linux and I would like to know 
>>>>>> if the
>>>>>> same setup is possible with monowall.  Here are my rules:
>>>>>>
>>>>>> #!/bin/bash
>>>>>> # clear out the chain and setup a new chain
>>> [Stuff deleted...]
>>>>>> tc filter add dev eth1 parent 1:0  prio 2 protocol ip handle 3 fw 
>>>>>> flowid
>>>>>> 1:12
>>>>>>
>>>>>> These rules work perfectly for my setup.  They cap my ftp server 
>>>>>> to 100K
>>>>>> and when an email is sent, the email has priority.  The sharing and
>>>>>> priority setup is also great so that the higher priority root 
>>>>>> class can
>>>>>> borrow from the ftp if needed.  They also allow the small ack 
>>>>>> packets to
>>>>>> get priority so that downloads dont suffer.
>>>>>>
>>>>>> Is this possible with monowall?
>>>>>>
>>>>>> Thanks,
>>>>>> Mark
>>>>>>
>>>>>> --------------------------------------------------------------------- 
>>>>>>
>>>>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>>>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>>>>>     
>>>>>
>>>>>   
>>>> Unfortunately the docs for the traffic shaper are sparse.  Not 
>>>> enough detail to learn without actually installing monowall and 
>>>> hacking away.
>>>>
>>>> Maybe I will just buy a WRAP package and just go for it, figure it 
>>>> out later.  If I can't get monowall to shape like I want, I could 
>>>> always use something else I guess.
>>>>
>>>> Mark
>>>>
>>>
>>> Hi Mark (and everybody on this very dynamic list!),
>>>
>>> You could use VMWare server (which is free) and download a 
>>> pre-installed image;
>>>
>>> http://www.vmware.com/download/server/
>>> http://chrisbuechler.com/m0n0wall/vmware/
>>>
>>> I use VMWare since a couple of years and it has been invaluable for 
>>> me.  It's a great software for testing.
>>> Hats off to mOnOwall & pfSense!  I have boxes running around the 
>>> world and i'm very satisfied!
>>>
>>> Guy Boisvert
>>> IngTegration inc.
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>>
>> I have tried that, but i cant seem to log in with the gui.  My vmware 
>> says the ethernet is 172.16.235.1 but the monowall is set to 192 
>> address.  Ive tried to change the ip in monowall but no luck so far.  
>> Maybe im just a moron.
>>
>> Mark
>>
> Hi Mark,
>
>    You could use the bridge network (usually VMNet 1, to the physical 
> ethernet card of the PC) and enter a secondary address in the 
> 172.16.235.0 subnet in your PC's ethernet card IP config.  (You can 
> assign any interface to any VMNet before booting the image, then after 
> re-assign as you wish).
>
>    Provided that the mOnOwall image's WAN is set to DHCP with private 
> filter disabled (and that you have DHCP in your network), you can then 
> connect to this address too.  You can get the address used by your 
> mOnOwall image by checking your DHCP server allocated list.
>
> Infos provided for the mOnOwall VMWare Image:
> ==================================
> Ethernet 1 - LAN - VMnet2  ===> You could assign this interface to 
> your bridged VMNet (Maybe VMNet 1 in your case?)
> Ethernet 2 - WAN - VMnet3
> Ethernet 3 - OPT - VMnet4
>
> The LAN IP is set to 192.168.96.1/24, the OPT IP is set to 
> 192.168.97.1/24, and the WAN is set to DHCP with block private 
> networks disabled. DHCP is enabled on the LAN interface with the range 
> 192.168.96.51-99.
>
> ===> You may have to change the VMnets depending on the config of your 
> VMWare.
> ===> You could assigne address 192.168.96.2 to your PC physical 
> ethernet card (enter as a secondary address)
>
>    As a complement of information, VMWare use 3 types of connections: 
> Bridged, Host Only and NAT.  Host only mean that you can use your host 
> OS to route (if you want) but there will not be any NATing nor routing 
> by default (by VMWare).  Sure you can have an emulated mOnOwall to do 
> the job of routing/firewalling for the "Host Only" emulated network!
>
>    I don't think that you're a moron because you don't master 
> something!  This term, in my opinion, reflects more an attitude: Like 
> people that don't want to make any efforts and blast eveybody to have 
> answers.  That doesn't seem to be your case!  Sure we may all "RTFM" 
> more but sometimes, we're just humans and we can get lost on some 
> subjects!
>
> Hope this helped,
>
> Guy
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
Thanks for the reply, i will take a break and come back and read your 
post in detail.  Im sure I have something configured wrong and you have 
probably given me the answer.  Thanks for taking the time to explain.

Mark