[ previous ] [ next ] [ threads ]
 From:  "Christos Dionissopoulos" <chdio at internet dot gr>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] IPsec over two ADSL links
 Date:  Mon, 15 Sep 2003 00:12:42 +0300
> I limited the bandwidth of all ip addresses on the LAN using the rule that
> is included on the web site:
> If=LAN, Proto=TCP, Source=*, Port=*, Destination=LAN Net,
> Port=*, Bandwidth=256, Delay=Nul, Mask=destination
> This is working well as my ip address receives 256 kbps.
> There are some special ip addresses on the network (mine!) where I don't
> want to limit bandwidth.  I tried adding the following second rule:
>   If=LAN, Proto=TCP, Source=*, Port=*, Destination=,
> Port=*, Bandwidth=5000, Delay=Nul, Mask=Nul
> My ip address is still limited to 256 kbps when this second rule is in
> place.  I also tried Mask=destination and had the same results.  Perhaps
> this is because both rules are being applied to my ip address and the 256
> rule is more restrictive.
> Does anyone have ideas on how to get this working?  Also, is this the best
> way to specify these rules to minimize the multiple rule performance
> impacts?

Try to put a rule with unlimited bandwidth (100MB) with IP(s) you dont want
any limit included,
firstly,  and after that,  the place the "limiting rule" to whole network
(256KB per-ip basis or not).
Thats the way that works in IPFW command line, and i believe that works the
same way
in m0n0wall.