LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
Reload this Page Bandwith limitations, NAT and transparent proxy
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices


Reply
  Search this Thread
Old 02-20-2006, 12:03 PM   #1
ilnli
Member
 
Registered: Jul 2004
Location: Pakistan
Distribution: Slackware 10.0, SUSE 9.1, RH 7, 7.3, 8, 9, FC2
Posts: 413

Rep: Reputation: 32
Bandwith limitations, NAT and transparent proxy

Hi !


I have FreeBSD 5.4 installed.
There is IPFIREWALL, IPFIREWALL_FORWARD, IPDIVERT and DUMMYNET in my
kernel configration.
On my FBSD gateway to the Internet I would like to use NAT (of course
:-))) ), transparent proxy and limit the outgoing traffic.
xl0 (62.169.170.166/30) is the public interface, xl1 (192.168.1.1/24) is
the private one.


If my firewall rules look like:
Code:
ipfw pipe 1 config bw 256Kbit/s queue 40Kbytes 
ipfw add 47 pipe 1 ip from any to any out via xl0 
ipfw add 48 allow ip from 192.168.1.1 to any 
ipfw add 49 fwd 192.168.1.1,3128 tcp from 192.168.1.0/24 to any 80 
ipfw add 50 divert 8668 ip from any to any via xl0 
... (the rest of OPEN firewall rules) 
nothing except http (because of transparent proxy, I think) goes through 
the gateway from the local net. 


If my firewall rules look like: 
ipfw pipe 1 config bw 256Kbit/s queue 40Kbytes 
ipfw add 47 pipe 1 ip from 62.169.170.166 to any out via xl0 
ipfw add 48 allow ip from 192.168.1.1 to any 
ipfw add 49 fwd 192.168.1.1,3128 tcp from 192.168.1.0/24 to any 80 
ipfw add 50 divert 8668 ip from any to any via xl0 
... (the rest of OPEN firewall rules)
everything works fine except except the bandwith limitation.


Do you have any ideas, how to get these three things (bandwith
limitation, nat, transparent proxy) work together ?


Thanks a lot in advance.
 
Old 02-20-2006, 12:48 PM   #2
marozsas
Senior Member
 
Registered: Dec 2005
Location: Campinas/SP - Brazil
Distribution: SuSE, RHEL, Fedora, Ubuntu
Posts: 1,499
Blog Entries: 2

Rep: Reputation: 68
Try the Smoothwall (www.smoothwall.org) and QoS add-on.
Smoothwall is a linux based firewall with a web based interface.
It wraps in a single ISO a fully functional firewall with NAT, DNAT, IDS, VPN, IPSEC, and several add-ons that extended the basic functionality.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to transparent proxy depam Linux - Software 3 12-30-2005 12:33 PM
transparent proxy mattsthe2 Linux - Networking 9 10-26-2005 08:44 AM
Transparent Proxy krock923 Linux - Networking 1 04-28-2005 06:43 PM
Transparent Proxy ilnli Linux - Networking 3 10-18-2004 06:01 PM
Transparent Proxy vinhhv Linux - Networking 0 07-23-2003 01:01 AM

LinuxQuestions.org > Forums > Other *NIX Forums > *BSD

All times are GMT -5. The time now is 12:24 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration