Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Ipfw2 with mac filtering
Top Forums UNIX for Dummies Questions & Answers Ipfw2 with mac filtering Post 302122451 by darknighter on Wednesday 20th of June 2007 01:50:35 PM
Old 06-20-2007
Bandwith Control...
## EXAMPLE ONE

-f flush
add 150 allow ip from any to any layer2 mac-type arp
add 160 allow all from 10.0.1.1 to 192.168.1.0/24
add 161 deny tcp from 10.0.1.0/24 to 192.168.1.0/24
add 162 deny udp from 10.0.1.0/24 to 192.168.1.0/24

#
#MAC ADDRESS USERS
#
#User 1
add 180 skipto 201 MAC any 00:30:f2:c4:09:02 in via vr0 layer2

#Deny all other mac address
add 200 deny MAC any any in recv vr0 layer2

add 201 divert natd all from any to any via rl0

#
#BANDWITH
#
#
add pipe 1 MAC 00:30:f2:c4:09:02 any
add pipe 2 MAC any 00:30:f2:c4:09:02

pipe 1 config bw 10KBytes/s
pipe 2 config bw 10KBytes/s

# other rules...
 

2 More Discussions You Might Find Interesting

1. OS X (Apple)

Let's get a .mac top level domain! As in www.xyz.mac

ICANN, the Internet Corporation for Assigned Names and Numbers, is inviting proposals for new sponsored top level domains. This may be wishful thinking, but isn't that a chance to push for a .mac top level domain (TLD)? I for one would VASTLY like the idea of having a domain of something.mac --... (0 Replies)
Discussion started by: ropers
0 Replies

2. IP Networking

Mac Filtering in REDHAT-el5

Need help to filter the MAC address for the specific ipaddress., HOW?? I had try the rule for: iptables -A FORWARD -i eth1 -s 192.168.129.57 -m mac --mac-source 00:02:6F:48:8A:85 -j ACCEPT But Not working now and if you have any alternate solution Help us.:confused::confused: (1 Reply)
Discussion started by: thakshina
1 Replies

LEARN ABOUT LINUX

dummynet

DUMMYNET(4)						   BSD Kernel Interfaces Manual 					       DUMMYNET(4)

NAME

     dummynet -- traffic shaper, bandwidth manager and delay emulator

DESCRIPTION

     The dummynet system facility permits the control of traffic going through the various network interfaces, by applying bandwidth and queue
     size limitations, implementing different scheduling and queue management policies, and emulating delays and losses.

     The user interface for dummynet is implemented by the ipfw(8) utility, so please refer to the ipfw(8) manpage for a complete description of
     the dummynet capabilities and how to use it.

   Kernel Options
     The following options in the kernel configuration file are related to dummynet operation:

	   IPFIREWALL		     enable ipfirewall (required for dummynet)
	   IPFIREWALL_VERBOSE	     enable firewall output
	   IPFIREWALL_VERBOSE_LIMIT  limit firewall output
	   DUMMYNET		     enable dummynet operation
	   HZ			     set the timer granularity

     Generally, the following options are required:

	   options IPFIREWALL
	   options DUMMYNET
	   options HZ=1000	   # strongly recommended

     Additionally, one may want to increase the number of mbuf clusters (used to store network packets) according to the sum of the bandwidth-
     delay products and queue sizes of all configured pipes.

SEE ALSO

     setsockopt(2), if_bridge(4), ip(4), ipfw(8), sysctl(8)

HISTORY

     The dummynet facility was initially implemented as a testing tool for TCP congestion control by Luigi Rizzo <luigi@iet.unipi.it>, as
     described on ACM Computer Communication Review, Jan.97 issue.  Later it has been modified to work at the IP and bridging levels, integrated
     with the ipfw(4) packet filter, and extended to support multiple queueing and scheduling policies.

BSD
								 October 28, 2002							       BSD
All times are GMT -4. The time now is 03:27 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy