# Dummynet Problem



## budsz (Jan 7, 2012)

Halo,

I used this rulesset over two years, something my ruleset like this:


```
bwcldown="320Kbit/s"
bwclup="48Kbit/s"
ifint0="rl0" # Interface direct to LAN switch

${fwcmd} add 52 pipe 2 ip from not "table(2)" to "table(6)" via ${ifint0}
${fwcmd} add 53 pipe 3 ip from "table(6)" to not "table(2)" via ${ifint0}
${fwcmd} pipe 2 config bw ${bwcldown} mask dst-ip 0xffffffff
${fwcmd} pipe 3 config bw ${bwclup} mask src-ip 0xffffffff
```

table(2) contains all of internal address/LAN, and table(6) contains host of my LAN.

My problem is: for traffic downloading/uploading entry to rule 52 (320Kbit/s for download and upload). As far I know, if I do downloading from internet entry for rule 52 and if I do uploading to internet entry for rule 53.

My idea is how to limit each host on my LAN for download=320Kbit/s and upload=48Kbit/s.

IMHO, this rule working for FreeBSD 7.1 - 7.2 STABLE, 3 days ago I do *make world* and problem showing.

Now, My system running FreeBSD 7.4-STABLE.

Thank for your time.


----------



## Abriel (Jan 7, 2012)

I think you are now on GENERIC kernel.


----------



## budsz (Jan 8, 2012)

I already custom my kernel. I got the answer, "with net.inet.ip.fw.one_pass=0". 

From *man 8 ipfw*:


> ```
> When set, the packet exiting from the dummynet pipe or from
> ng_ipfw(4) node is not passed though the firewall again.  Other-
> wise, after an action, the packet is reinjected into the firewall
> ...



Sometime, I'am too lazy to read carefully man page .


----------

