Hello,
we are about to set up another m0n0wal for our Company.
We have roundabout 90 computers using the internet connection.
Since we do have video-file transfers that do require a constant bitrate (via Internet), we want 89 computers to be filtered by a traffic shaper, and 1 not.
Since out netwok is working right now, and we really can't change all ip adresses, so how can i add a traffic shaper rule using an ip-range like 192.168.100.2-155 instead of a calculated subnet?
I read RedHats ipfw documentation, that says:
addr-set: addr[/masklen]{list}
list: {num | num-num}[,list]
Matches all addresses with base address addr (specified as a dot-
ted quad or a hostname) and whose last byte is in the list
between braces { } . Note that there must be no spaces between
braces and numbers (spaces after commas are allowed). Elements
of the list can be specified as single entries or ranges. The
masklen field is used to limit the size of the set of addresses,
and can have any value between 24 and 32. If not specified, it
will be assumed as 24.
This format is particularly useful to handle sparse address sets
within a single rule. Because the matching occurs using a bit-
mask, it takes constant time and dramatically reduces the com-
plexity of rulesets.
As an example, an address specified as 1.2.3.4/24{128,35-55,89}
will match the following IP addresses:
1.2.3.128, 1.2.3.35 to 1.2.3.55, 1.2.3.89
Unfortionaly m0n0wall doesnt accept an IP-adress input like 1.2.3.4/24{128,35-55,89}.
Neither alias does.
So are there any ideas how to add a rule as descriped above?
P.S.: We are using an alix board with 3 lan interfaces, means 1 wan, 1 lan and 1 lan..BUT the second lan is already in use.
|
Topic: IP-Range traffic shaping