thr3ads.net - Shorewall users - Limit traffic rate to openvpn clients [Mar 2007]

If this information is useful, please help other people find it:
Share via:

Chris Mason (Lists)

2007-Mar-29 12:33 UTC

Limit traffic rate to openvpn clients

I have a shorewall firewall with three interfaces, two internet 
connections. Some of my openvpn clients swamp my internet connections 
and cause problems for the company. Is there a way I can limit them to 
50% total traffic?

[root@firewall shorewall]# shorewall version
3.0.5

[root@firewall shorewall]# ip addr
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:13:43:95:9d:65 brd ff:ff:ff:ff:ff:ff
    inet 207.46.133.126/30 brd 207.42.133.147 scope global eth0
    inet6 fe80::203:47ff:fe95:9d65/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:x3:47:x5:9d:66 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::2x3:x7ff:fe95:9d66/64 scope link
       valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
    link/ether 00:02:x3:8x:5x:6b brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:x2:x3:xb:5b:6c brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.1/24 brd 192.168.200.255 scope global eth3
    inet6 fe80::2x2:b3ff:fe8b:5b6c/64 scope link
       valid_lft forever preferred_lft forever
6: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
9: tun0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen
100
    link/[65534]
    inet 192.168.99.1 peer 192.168.99.2/32 scope global tun0

-- 
Chris Mason
(264) 497-5670 Fax: (264) 497-8463
Int:  (305) 704-7249 Fax: (815)301-9759 UK 44.207.183.0271
Cell: 264-235-5670
Yahoo IM: netconcepts_anguilla@yahoo.com 


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net''s Techsay panel and you''ll get the chance
to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Shorewall users - Mar 2007 - Limit traffic rate to openvpn clients

Limit traffic rate to openvpn clients