[ previous ] [ next ] [ threads ]
 From:  David W. Hess <dwhess at banishedsouls dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Inbound (downloaded) traffic is not being shaped at all
 Date:  Mon, 29 Jan 2007 10:24:13 -0600
On Mon, 29 Jan 2007 09:17:46 +0500, sai <sonicsai at gmail dot com> wrote:

>On 1/29/07, David W. Hess <dwhess at banishedsouls dot org> wrote:
>> I am still using version 1.22 but as far as I know, the traffic shaping rules
>> only work on outgoing traffic on an interface so to shape incoming WAN traffic
>> the rule must be on the LAN or OPT interface.  If that is still the case, place
>> your incoming WAN rules on those interfaces using out at the direction.
>No, that is incorrect. If Shaping only worked on outgoing we would not
>need the Direction (in/out/any) option in the Shaping rules.
>To clarify: Firewall rules only work on the packet as it enters the
>firewall. Traffic Shaper rules work wherever they match.
>I tend to use only the WAN interface in my rules but that is only to
>simplify things, the shaper is difficult as it is.

Hmmm.  Well, I never got the traffic shaper rules to work the way you describe
for incoming WAN traffic and had to resort shaping on the other interfaces.  I
assumed the in/out/any option was there because it was suppose to work as you
described but did not for other reasons.  Maybe this has something to do with
shaping on a filtering bridge?

I seem to remember a discussion about not wanting to invoke the traffic shaping
code twice for each packet but as you point out that could have been in
connection with the firewall rules and not the traffic shaping rules.