Lines Matching +full:high +full:- +full:bandwidth
41 firewalling system also has the capability to limit bandwidth using
44 amount of bandwidth for a critical purpose.
47 office T1 (1.5 MBits/s), you may wish to bandwidth-limit all other
52 you might want to limit bandwidth to prevent excessive bandwidth
57 firewalls may be used to divert packets or change the next-hop
78 to get certain types of ICMP errors to function properly - for
135 If you want to be able to limit the bandwidth used by certain types of
141 .Sh SAMPLE IPFW-BASED FIREWALL
142 Here is an example ipfw-based firewall taken from a machine with three
146 on this LAN are dual-homed with both internal 10.\& IP addresses and
147 Internet-routed IP addresses.
149 the Internet-routed IP block while 10.x.x.x represents the internal
160 is given two Internet-exposed addresses on fxp0 in addition to an
193 .Bd -literal
203 # a larger port range for local-size binding. 4000-10000 or 4000-30000
209 .Bd -literal
225 # FIREWALL -->[LAN2]
229 # +--> exposed host A
230 # +--> exposed host B
231 # +--> exposed host C
240 # to protect the dual-homed 10.0.0.x block. Exposed hosts are
241 # not otherwise protected in this example - they should only bind
253 # of course do not have to route internal<->internal traffic through
256 # also the in-kernel version of natd, ipnat.
258 # natd -s -u -a 208.161.114.67
265 # Short cut the rules to avoid running high bandwidths through
324 # spoof-proof internal IP addresses (10. net), so these rules
329 # If we want to expose high-numbered temporary service ports
331 # in this example 4000-65535, and we set to /etc/rc.conf variables
335 add 02000 allow udp from any to any 4000-65535,domain,ntalk,ntp
351 add 03000 allow tcp from any to any 4000-65535,ssh,smtp,domain,ntalk
352 add 03000 allow tcp from any to any auth,pop3,ftp,ftp-data
360 # packet-too-big)
362 # 5 Redirect (typically not allowed - can be dangerous!)
384 We have mentioned multi-homing hosts and binding services to internal or
422 .Bl -tag -width indent