 From:  "Chris Bagnall" <m0n0wall at minotaur dot cc>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Traffic shaper rules for FTP servers
 Date:  Thu, 14 Oct 2004 13:00:40 +0100

One of the folks on my network runs an FTP server and I'd like to use a
modification of one of the magic shaper hated_down/upload rules to prevent
it from slowing everything else down.

Problem is, I only want to do it with this specific client, not a blanket
effect on all FTP transfers (I often work from home and have to download and
upload websites for clients, and I don't want it affecting that).

Am I right in thinking the following should do it without affecting other
ftp transfers on the network?

If: WAN, upload, TCP
Source: client_ip, port: 20-21, 989-990, 23580-23590
Target: m_hated upload

I think I have to get all those ports, 20&21 (ftp-data&ftp), 989&990
(ssl-ftpdata&ssl-ftp), 23580-23590 (his pasv port range).

Have I missed anything, or perhaps there's a better way than having 3
separate rules for this?  I assume if, say, people were uploading to him, I
could just do the same rules in reverse, i.e. destination: and target:
m_hated download?

Many thanks in advance.
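
The following is an added example, not part of the original post and not m0n0wall code: a small first-match model of the rules described above (three port ranges, matched on source for upload and on destination for download), run over constructed packets to show which flows would land in the m_hated queues. It assumes the shaper sees client_ip as the packet address on WAN; the address 192.0.2.10 and all sample packets are constructed placeholders.

```python
from dataclasses import dataclass
from ipaddress import ip_address

CLIENT_IP = ip_address("192.0.2.10")   # constructed stand-in for client_ip
PORT_RANGES = [(20, 21), (989, 990), (23580, 23590)]  # ranges from the post

@dataclass(frozen=True)
class Packet:
    iface: str       # "WAN" or "LAN"
    direction: str   # "out" = upload, "in" = download
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

def build_rules():
    """One rule per port range and direction: (direction, side, range, target)."""
    rules = []
    for rng in PORT_RANGES:
        rules.append(("out", "src", rng, "m_hated upload"))
        rules.append(("in", "dst", rng, "m_hated download"))
    return rules

def classify(pkt, rules):
    """Return the target of the first matching rule, or None if none match."""
    if pkt.iface != "WAN" or pkt.proto != "tcp":
        return None
    for direction, side, (low, high), target in rules:
        if direction != pkt.direction:
            continue
        addr, port = (pkt.src, pkt.sport) if side == "src" else (pkt.dst, pkt.dport)
        if ip_address(addr) == CLIENT_IP and low <= port <= high:
            return target
    return None

# Constructed sample packets (documentation addresses, not from the post).
SAMPLES = {
    "server passive data out": Packet("WAN", "out", "tcp", "192.0.2.10", 23585, "198.51.100.7", 51000),
    "server active data out": Packet("WAN", "out", "tcp", "192.0.2.10", 20, "198.51.100.7", 51001),
    "upload to server": Packet("WAN", "in", "tcp", "198.51.100.7", 51002, "192.0.2.10", 23581),
    "other host as FTP client": Packet("WAN", "out", "tcp", "192.0.2.20", 40000, "203.0.113.5", 21),
    "same client as FTP client": Packet("WAN", "out", "tcp", "192.0.2.10", 50000, "203.0.113.5", 21),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:28} -> {classify(pkt, build_rules())}")
```

In this model, FTP sessions started by other hosts, and outbound FTP client sessions from client_ip itself, match none of the rules, because the rules key on the server-side ports at client_ip only.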


