I want to rate limit all outgoing traffic. I'm able to do so by following these steps
Add the following line to /boot/loader.conf:
Add the following lines to /etc/rc.conf:
The /etc/ipfw.rules file looks like this:
Now, the problem is that the outgoing carp advertisements are blocked. Other outgoing traffic is fine, like ping, ntp requests etc...
If I remove the two last lines in /etc/ipfw.rules, the carp advertisements are not blocked.
I have to admit that I'm not very up to speed on ipfw. I don't need the firewall capabilities, I only want to rate limit outgoing traffic, so if there's a smarter way to implement rate limit, I'm willing to try!
Add the following line to /boot/loader.conf:
dummynet_load="YES"
Add the following lines to /etc/rc.conf:
Code:
firewall_enable="YES"
firewall_script="/etc/ipfw.rules"
The /etc/ipfw.rules file looks like this:
Code:
ipfw -q add 65534 allow all from any to any
ipfw -q pipe 1 config bw 3Mbit/s
ipfw -q add 10 pipe 1 all from any to any out
If I remove the two last lines in /etc/ipfw.rules, the carp advertisements are not blocked.
I have to admit that I'm not very up to speed on ipfw. I don't need the firewall capabilities, I only want to rate limit outgoing traffic, so if there's a smarter way to implement rate limit, I'm willing to try!