[FUG-BR] Firewall banda por usuário
Mario Augusto Mania
m3.bsd.mania em gmail.com
Segunda Março 22 09:34:27 BRT 2010
Cara.... rede 11.x.x.x e 12.x.x.x tah errado meu hehehehehe
Soh pode usar 10.x.x.x
Em 22 de março de 2010 08:28, Gelsimauro Batista dos Santos
<maurogbs em gmail.com> escreveu:
> Veja as regras abaixo eu tenho um regra de controle de 64k e outro de 100k
>
>
>
> A mediada que crio as baixas de IPs no arquivo cbanda já caiem no controle
> de banda especificada no rc.filters.
>
>
>
> Veja que da pra fazer o controle MAC no cbanda tambem
>
>
>
>
>
> Arquivo cbanda
>
>
>
> #Cliente 01
>
> ifconfig rl1 inet 10.1.1.11 netmask 255.255.255.224 alias
>
> /usr/sbin/arp -S 10.1.1.106 00:10:69:48:d4:90
>
>
>
> #Cliente 02
>
> ifconfig rl1 inet 10.2.0.1 netmask 255.255.255.252 alias
>
> /usr/sbin/arp -S 10.2.0.2 00:10:69:48:d4:90
>
>
>
> #Cliente 03
>
> ifconfig rl1 inet 11.2.0.1 netmask 255.255.255.252 alias
>
> /usr/sbin/arp -S 11.2.0.2 00:1c:f0:85:e8:73
>
>
>
> #Cliente 04
>
> ifconfig rl1 inet 12.1.0.1 netmask 255.255.255.252 alias
>
> /usr/sbin/arp -S 12.1.0.2 00:1c:f0:85:e8:73
>
>
>
> #Cliente 05
>
> ifconfig rl1 inet 12.2.0.1 netmask 255.255.255.252 alias
>
> /usr/sbin/arp -S 12.2.0.2 00:1c:f0:85:e8:73
>
>
>
>
>
>
>
> Aruivo rc.filters
>
> #Banda-64k
>
> REDE_64="10.0.0.0/8,11.0.0.0/8"
>
> REDE_100="12.0.0.0/8, 13.0.0.0/8"
>
>
>
> ###########################################################################
>
> # CONTROLE DE BANDA VEL 64Kbit/s #
>
> ###########################################################################
>
> #
>
> $IPFW add 1000 pipe 1000 ip from ${REDE_64} to any in
>
> $IPFW add 1001 pipe 1001 ip from any to ${REDE_64} out
>
> $IPFW pipe 1000 config mask src-ip 0xffffffe0 bw 64Kbit/s
>
> $IPFW pipe 1001 config mask dst-ip 0xffffffe0 bw 64Kbit/s
>
> #
>
> ###########################################################################
>
> # CONTROLE DE BANDA DA REDE VEL 100Kbit/s #
>
> ###########################################################################
>
> #
>
> $IPFW add 1010 pipe 1010 ip from ${REDE_100} to any in
>
> $IPFW add 1011 pipe 1011 ip from any to ${REDE_100} out
>
> $IPFW pipe 1010 config mask src-ip 0xffffffe0 bw 100Kbit/s
>
> $IPFW pipe 1011 config mask dst-ip 0xffffffe0 bw 100Kbit/s
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
--
Atenciosmente
Mario Augusto Mania <m3BSD>
-----------------------------------------------
m3.bsd.mania em gmail.com
Cel.: (43) 9938-9629
Msn: mario em oquei.com
Mais detalhes sobre a lista de discussão freebsd