[問題] 7.0R Bridge+DummyNet 無法正常運作

看板FreeBSD作者jognien (.....)時間17年前 (2008/08/27 14:34)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

環境 : FreeBSD 7.0 Release 網路 : -----router ----(sk0)freebsd(sk1)-----users(public ip) 用途 : 橋接器 + 頻寬限制說明 : 橋接器可正常運作, 但是只要一加上 dummynet 的 pipe 設定, 在裡面的機器就會無法連出去但是 ipfw pipe list 是有看到 user 的連線, 但是就是無法接通. 所以完全摸不著頭緒. 只要把 pipe 的指令從 ipfw list 中移除, # ipfw list 00100 pipe 1 ip from any to 219.8.1.160/28 00200 pipe 2 ip from 219.8.1.160/28 to any 65535 allow ip from any to any # ipfw delete 100 # ipfw delete 200 又可以連線, 但是這樣就無法達到限制頻寬的效果請問一下我到底是哪個地方設錯了. 感恩. 核心設定如下: #Firewall and Bridge configure device if_bridge options DUMMYNET options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT options IPFIREWALL_FORWARD options HZ=1000 網路配置: # ifconfig -a sk0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:1e:58:aa:db:7b media: Ethernet autoselect (1000baseTX <full-duplex,flag0,flag1>) status: active sk1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:1e:58:49:54:aa media: Ethernet autoselect (1000baseTX <full-duplex,flag0,flag1>) status: active plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 ether 1e:66:06:1d:a6:3d inet 192.168.1.251 netmask 0xffffff00 broadcast 192.168.1.255 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: sk1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> member: sk0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> rc.conf font8x14="NO" font8x16="NO" font8x8="NO" inetd_enable="YES" firewall_enable="YES" keymap="us.iso" moused_enable="NO" cloned_interfaces="bridge0" ifconfig_sk0="up" ifconfig_sk1="up" ifconfig_bridge0="up" ifconfig_bridge0="inet 192.168.1.251 netmask 255.255.255.0" defaultrouter="192.168.1.254" hostname="bwbridge.wawa.net.tw" rc.firewall #===Brandwith============== /sbin/ipfw pipe 1 config bw 400Kbit/s /sbin/ipfw pipe 2 config bw 400Kbit/s #====In=================== /sbin/ipfw add pipe 1 all from any to 219.8.1.160/28 #====Out=================== /sbin/ipfw add pipe 2 all from 219.8.1.160/28 to any # ipfw pipe list 00001: 400.000 Kbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 udp 219.8.1.169/137 219.8.1.175/137 54 4659 0 0 0 00002: 400.000 Kbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 udp 219.8.1.169/49957 168.95.1.1/53 30 1825 0 0 0 -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 59.125.102.131