Re: How to limit the nat's stream speed?
From: Adi Pircalabu (apircalabu_at_bitdefender.com)
Date: 08/10/05
- Previous message: Gary Kline: "sorry for the idiot question, but...."
- In reply to: he ccjj: "How to limit the nat's stream speed?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 10 Aug 2005 09:34:28 +0300 To: he ccjj <heccjj1@gmail.com>
On Wed, 10 Aug 2005 13:31:28 +0800
he ccjj <heccjj1@gmail.com> wrote:
> I use freebsd5.4+ipfw+natd to setup a box for sharing internet,it's
> work fine.But i have a very serious problem:
> Some computer of my inner user was attacked by virus,they make very
> big volume of stream to internet,so the natd will occupy almost all
> the cpu,the others can't visit internet at all !! Is there a solution
> to limit the natd's cpu occupancy or limit every user's stream speed?
You may take a look at ipfw(8) manpage and search for dummynet
configuration.
For example, if you know the offending IP, you can try something like
this:
kldload dummynet
ipfw pipe ${pipe-num} config bw ${max-bw}
ipfw add ${rule-num} pipe ${pipe-num} ip from ${offending-IP} to any
It's a very simple example, take it as a starting point.
Bye
-- Adi Pircalabu (PGP Key ID 0x04329F5E) -- This message was scanned for spam and viruses by BitDefender. For more information please visit http://www.bitdefender.com/ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
- Previous message: Gary Kline: "sorry for the idiot question, but...."
- In reply to: he ccjj: "How to limit the nat's stream speed?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
