※ 引述《[email protected] (forever~~)》之銘言： > queue不是線路最大頻寬吧? > 順便問一下,若我192.168.0.0/24下有10台Client, > 我想限制每台最大頻寬5KBytes/s,但總頻寬限制20KBytes/s, > 這樣設可以嗎? > ipfw add 1000 pipe 100 ip from any to 192.168.0.0/24 in > ipfw add 1001 pipe 101 ip from any to 192.168.0.0/24 in > ipfw pipe 100 config bw 5KBytes/s queue 3 mask dst-ip 0xffffffff > ipfw pipe 101 config bw 20KBytes/s queue 10 要這樣做也是可以..... 請man ipfw, 其中 pipe pipe_nr Pass packet to a dummynet(4) ``pipe'' (for bandwidth limitation, delay, etc.). See the TRAFFIC SHAPER (DUMMYNET) CONFIGURATION Section for further information. The search terminates; however, on exit from the pipe and if the sysctl(8) variable net.inet.ip.fw.one_pass is not set, the packet is passed again to the firewall code starting from the next rule. 有提到, 若要過pipe後再次進入ipfw的下一個rule, 要關閉net.inet.ip.fw.one_pass 我的做法是在對外的介面去限制對外總頻寬, 也是可以的, 畢竟one pass比較不會把 ipfw搞得太複雜..^^b -- ※ Origin: 蟲 之 家 <pcbug.twbbs.org> ◆ From: freebsd.private-ip