From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andraz Sraka Date: Thu, 23 Mar 2006 10:43:25 +0000 Subject: [LARTC] linux box as vlan p2p limiter and firewall? Message-Id: <1143110605.17746.45.camel@localhost> MIME-Version: 1 Content-Type: multipart/mixed; boundary="===============1502128316==" List-Id: To: lartc@vger.kernel.org --===============1502128316== Content-Type: multipart/signed; micalg=sha1; protocol="application/x-pkcs7-signature"; boundary="=-FR1WW+Qdt74qOzolyEnB" --=-FR1WW+Qdt74qOzolyEnB Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-3Sq8JR98+dfKl36OGT29" --=-3Sq8JR98+dfKl36OGT29 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable re I would like to do some firewalling and p2p shaping/limiting on one of the vlans in my network and I was thinking of using linux box as transparent bridged firewall/limiter. For this I'm planning to use AMD64 2.2Ghz box with 2 1gbit NIC (Broadcom 5721), that will be bridged. The box must be totally transparent and unseen in the network, as well as it should have much influence on network performance.=20 Can anyone give me some guidelines where to begin, how to limit/shape p2p traffic on that vlan. Is it even doable?? Any example htb/etables/iptables configuration script will also help. :) thanks in advance .. regards, Andraz=20 --=20 BOFH excuse #362: Plasma conduit breach --=-3Sq8JR98+dfKl36OGT29 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part Content-Transfer-Encoding: quoted-printable -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQBEInvKVIImx7Y1h/QRAqq9AJ0Zi3mab25I+OQrg5xaTp5SLXfcfACdF1sY 8+Sm/WUQC+NfOftjnGfWneQ=3D =3DbLDf -----END PGP SIGNATURE----- --=-3Sq8JR98+dfKl36OGT29-- --=-FR1WW+Qdt74qOzolyEnB Content-Type: application/x-pkcs7-signature; name=smime.p7s Content-Disposition: attachment; filename=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIFwzCCAnww ggHloAMCAQICAw5ToDANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt YWlsIElzc3VpbmcgQ0EwHhcNMDUwMzIyMjIxMjQ1WhcNMDYwMzIyMjIxMjQ1WjBVMQ4wDAYDVQQE EwVTcmFrYTEPMA0GA1UEKhMGQW5kcmF6MRUwEwYDVQQDEwxBbmRyYXogU3Jha2ExGzAZBgkqhkiG 9w0BCQEWDGFAYXVmYml4Lm9yZzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwfQb3DEZkuhZ dYEObF1ZIFGxbXW0rrXg7UkMATq91e5jt/moy5DDMfOMLP+fkj0+SEYWv8AWsPVu3KVdDcJMLkvQ Pr71weULpsAb0kEQAfJdjwP26kPZI9IDBdSMWzx20wzHaGrsFeezbvEQ4Gl38OvO7NNQhN+lATU8 AO4du18CAwEAAaNNMEswDwYDVR0PAQH/BAUDAweRgDARBglghkgBhvhCAQEEBAMCBaAwFwYDVR0R BBAwDoEMYUBhdWZiaXgub3JnMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEAcG4yEym6 nUog4qGA7AWHsHWpG5sdFN7jRdgMRHBQbdZj823sNiR/FgU9TQVBbfbYn4J+Kb+nrnqBD6BtCPU+ AZ77SZVuaeRuaq029mh0S+M8Lh25Rc1GraIibLDuBkEDHi4di7fN11c97CtUCKB2GFaQ0l9cfMZE 0D/TAaeFjz0wggM/MIICqKADAgECAgENMA0GCSqGSIb3DQEBBQUAMIHRMQswCQYDVQQGEwJaQTEV MBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0 ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQw IgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNv bmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNMDMwNzE3MDAwMDAwWhcNMTMwNzE2MjM1OTU5WjBi MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoG A1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEB BQADgY0AMIGJAoGBAMSmPFVzVftOucqZWh5owHUEcJ3f6f+jHuy9zfVb8hp2vX8MOmHyv1HOAdTl UAow1wJjWiyJFXCO3cnwK4Vaqj9xVsuvPAsH5/EfkTYkKhPPK9Xzgnc9A74r/rsYPge/QIACZNen prufZdHFKlSFD0gEf6e20TxhBEAeZBlyYLf7AgMBAAGjgZQwgZEwEgYDVR0TAQH/BAgwBgEB/wIB ADBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlUGVyc29uYWxG cmVlbWFpbENBLmNybDALBgNVHQ8EBAMCAQYwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDItMTM4MA0GCSqGSIb3DQEBBQUAA4GBAEiM0VCD6gsuzA2jZqxnD3+vrL7CF6FDlpSd f0whuPg2H6otnzYvwPQcUCCTcDz9reFhYsPZOhl+hLGZGwDFGguCdJ4lUJRix9sncVcljd2pnDmO jCBPZV+V2vf3h9bGCE6u9uo05RAaWzVNd+NWIXiC3CEZNd4ksdMdRv9dX2VPMYIBbjCCAWoCAQEw aTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEs MCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECAw5ToDAJBgUrDgMC GgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDYwMzIzMTA0 MzIyWjAjBgkqhkiG9w0BCQQxFgQU1fDukxUf7nnJYBZDXXFjugoXbPYwDQYJKoZIhvcNAQEBBQAE gYBnjduSxYvLYb4qXllmPJoQr7FuEFzo1E5Ka6uqCOZx6khsleiy7xxpblmc2b6YYbBSFAyVr+zk XV9V/WRUXnOtrViYsiEJPixI/hECzgBeb/VrFr/spkqPXhlMdbLNgJy1jbWq2Uz7YPdf6RJH4P+5 Ajq9FixY/El3ekH3fs162gAAAAAAAA== --=-FR1WW+Qdt74qOzolyEnB-- --===============1502128316== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc --===============1502128316==--