Just rolled out my first m0n0wall installation and I have to say I am quite happy so far.
I took over an existing internet coop. We have some carryover customers that are a bit out of control (and will be leaving in a few months), so I wanted to limit their traffic as well as hang them off a separate interface than myself and the other co-owner.
What I ended up doing was putting the existing customers on the LAN interface and NATing them (as well as dynamically allocating their IP's)...while sticking us on the OPT1 interface and bridging with the WAN (using static IP's). This works great.
Next, I wanted to limit their bandwidth. However, not yet being familiar with this configuration on m0n0wall, what I did was use the traffic shaping "wizard" (or whatever it is called). I put in the top upload and download speeds I wanted to allocate for the LAN interface users and let the wizard create the rules. I then simply modified the rules to pertain only to the LAN network.
So far, so good. I DO wish I could implement Captive Portal on the LAN, but that option is not available when you are also bridging interfaces (possible future feature request?). I am slowly getting everyone's MAC addresses so I can statically map them in the DHCP server and then deny all others on the LAN.
Thanks for a great product. I just downloaded 1.3 beta and will be bouncing that around on my spare WRAP board.
|