From nobody@FreeBSD.org  Sat Mar 23 06:34:14 2002
Return-Path: <nobody@FreeBSD.org>
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id BA97537B400
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 23 Mar 2002 06:34:03 -0800 (PST)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g2NEY3w54809;
	Sat, 23 Mar 2002 06:34:03 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200203231434.g2NEY3w54809@freefall.freebsd.org>
Date: Sat, 23 Mar 2002 06:34:03 -0800 (PST)
From: Alex de Kruijff <akruijff@dds.nl>
To: freebsd-gnats-submit@FreeBSD.org
Subject: ipfw traffic shaper with DHCP env.
X-Send-Pr-Version: www-1.0

>Number:         36230
>Category:       conf
>Synopsis:       ipfw traffic shaper with DHCP env.
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Mar 23 06:40:01 PST 2002
>Closed-Date:    Sat Jul 13 14:49:35 PDT 2002
>Last-Modified:  Sat Jul 13 14:49:35 PDT 2002
>Originator:     Alex de Kruijff
>Release:        4.5
>Organization:
>Environment:
FreeBSD UnixServer.kruij557.speed.planet.nl 4.5-RELEASE FreeBSD 4.5-RELEASE #0: Mon Jan 28 14:31:56 GMT 2002     murray@builder.freebsdmall.com:/usr/src/sys/compile/GENERIC  i386
>Description:
I like to run an ipfw traffic shaper on a network with a DHCP server. The DHCP server updates the DNS with a given hostname (+ suffix). The IP address the client receives can change over time but the hostname does not. The ipfw rules, however, keep the old values, resulting in rules that do not apply.
>How-To-Repeat:
# add alex to the DNS (normally you will let the DHCP do this for you)

ipfw add 100 pipe 1 ip from alex to any via ed0
ipfw add 200 pipe 2 ip from any to alex via ed0

# change the ip address of the host alex.
>Fix:
Save the URL, if given, instead of the ip-address.

>Release-Note:
>Audit-Trail:

From: David Malone <dwmalone@maths.tcd.ie>
To: Alex de Kruijff <akruijff@dds.nl>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: conf/36230: ipfw traffic shaper with DHCP env.
Date: Sun, 24 Mar 2002 00:07:45 +0000

 On Sat, Mar 23, 2002 at 06:34:03AM -0800, Alex de Kruijff wrote:
 > # add alex to the DNS (normally you will let the DHCP do this for you)
 > 
 > ipfw add 100 pipe 1 ip from alex to any via ed0
 > ipfw add 200 pipe 2 ip from any to alex via ed0
 
 Have you tried using:
 
 ipfw add 100 pipe 1 ip from me to any via ed0
 ipfw add 200 pipe 2 ip from any to me via ed0
 
 	David.
State-Changed-From-To: open->feedback 
State-Changed-By: dwmalone 
State-Changed-When: Sat Mar 23 16:11:28 PST 2002 
State-Changed-Why:  
Waiting to see if ipfw's "me" keyword helps. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=36230 

From: "Crist J. Clark" <cjc@FreeBSD.ORG>
To: Alex de Kruijff <akruijff@dds.nl>
Cc: freebsd-gnats-submit@FreeBSD.ORG
Subject: Re: conf/36230: ipfw traffic shaper with DHCP env.
Date: Sat, 23 Mar 2002 18:42:51 -0800

 On Sat, Mar 23, 2002 at 06:34:03AM -0800, Alex de Kruijff wrote:
 [snip]
 
 > I like to run an ipfw traffic shaper on a network with a DHCP server. The DHCP server updates the DNS with a given hostname (+ suffix). The IP address the client receives can change over time but the hostname does not. The ipfw rules, however, keep the old values, resulting in rules that do not apply.
 > >How-To-Repeat:
 > # add alex to the DNS (normally you will let the DHCP do this for you)
 > 
 > ipfw add 100 pipe 1 ip from alex to any via ed0
 > ipfw add 200 pipe 2 ip from any to alex via ed0
 > 
 > # change the ip address of the host alex.
 > >Fix:
 > Save the URL, if given, instead of the ip-address.
 
 How often do you check that the hostname to IP address mapping has
 changed? For every packet? Way too expensive. Every minute? Every five
 minutes? Why not just run a cron job to update your rules then?
 
 I don't see a practical way to implement this, do you?
 -- 
 Crist J. Clark                     |     cjclark@alum.mit.edu
                                    |     cjclark@jhu.edu
 http://people.freebsd.org/~cjc/    |     cjc@freebsd.org
State-Changed-From-To: feedback->closed 
State-Changed-By: luigi 
State-Changed-When: Sat Jul 13 14:48:31 PDT 2002 
State-Changed-Why:  
Use "me" as suggested to specify the local host. "me" checks
the address against the list of interface addresses on each
incoming packet, so it will detect changes.


http://www.freebsd.org/cgi/query-pr.cgi?pr=36230 
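
The cron job suggested in the audit trail above, for the case where the shaped host is a remote DHCP client and "me" does not apply. This is an added example, not code from the PR or from FreeBSD. The state-file path, the use of host(1) as resolver and the cron schedule are assumptions; the rule numbers, pipes and ed0 come from the report.

```sh
#!/bin/sh
# Added example: refresh the two pipe rules from the report when DNS changes.
# Assumed names: STATE path, host(1) as resolver, cron as the scheduler.
HOST=${HOST:-alex}
IFACE=${IFACE:-ed0}
STATE=${STATE:-/var/run/ipfw-shaper.addr}
IPFW=${IPFW:-ipfw}

# Print the first A record for $1 (empty output on failure).
resolve() {
    host -t A "$1" 2>/dev/null | awk '/has address/ { print $4; exit }'
}

# Accept only a dotted quad with octets 0-255. The DNS record is written on
# behalf of DHCP clients, so treat the answer as untrusted before it
# reaches ipfw.
is_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Returns 0 if the rules are current or were replaced, 2 if resolution
# failed (existing rules stay in place so shaping is not silently dropped).
sync_rules() {
    new=$(resolve "$HOST")
    if ! is_ipv4 "$new"; then
        echo "shaper: no usable address for $HOST, rules unchanged" >&2
        return 2
    fi
    old=$(cat "$STATE" 2>/dev/null || true)
    [ "$new" = "$old" ] && return 0
    $IPFW -q delete 100 200 2>/dev/null || true   # absent on first run
    $IPFW -q add 100 pipe 1 ip from "$new" to any via "$IFACE" || return 1
    $IPFW -q add 200 pipe 2 ip from any to "$new" via "$IFACE" || return 1
    echo "$new" > "$STATE"
}

# From cron, e.g. every five minutes: */5 * * * * /path/to/this-script run
if [ "${1:-}" = "run" ]; then
    sync_rules
fi
```

Between the delete and the two adds the host's traffic is briefly unshaped, and the rules follow whatever address DNS currently returns for the name.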
>Unformatted:
