isolation forwarding

titius · Mon Nov 07, 2005 11:25 pm

Hi

I know this is more like a google question but can someone please write me an example of firewall rule, situation is that I want all of wifi clients to isolate bu when I do so I cant manage to forward ip to each other.
I want to do that because of some ports that I want to block thanks...

dwright · Fri Nov 18, 2005 9:00 pm

Not sure what exactly you are trying to accomplish. Are you saying that you want all your wireless customers on your ap to go through the firewall when establishing connection with each other?

have you tried setting the default forward on the wireless off? If your using the access list, make sure you turn it off there as well.

Dan

nowoxi · Sat Nov 19, 2005 12:28 am

i realyl did not get your question. what do you want the firewalls to do

titius · Mon Nov 28, 2005 12:56 am

sorry Im late

,

well they are not customers but friends,and what I would like to di is to isolate them, and then make bandwith controll amongst them.. so that everybody can download files from each other at say 100kB/s...

nowoxi · Mon Nov 28, 2005 11:39 pm

so i guess you want to ensure each connection has a download rate of 100kb/s
or that each ip has a max of 100kb/s
or you want connection of a pair of ip's to be limited to 100kb/s

titius · Wed Nov 30, 2005 10:06 pm

I want a connection of a pair of IPs to limit to 100 kB/s i repeat there is no internet connection... example...

One wifi client connects to AP another wifi client connects to the same IP when one tries to take some file from another transfer rate has to be for example 100 kB/s...
tHANKS

nowoxi · Thu Dec 01, 2005 2:11 am

well i know that is possible by specifing it singly within the queues table but i dont know of any way that can be automatic.
i know if you set the queus mannually u can get everyone up. then for safer work u can so that no connection is left unhandled u can specify an amount of bandwidth to everyother connection.

titius · Thu Dec 01, 2005 3:38 pm

Yes, but how to setup queues simple queues wont work?

nowoxi · Fri Dec 02, 2005 12:20 am

WHAT DO YOU MEAN THEY WOUNT WORK YOU TRIED IT RIGHT. SO WHAT YOU DOING AND WHAT GOES WRONG?
THEN IF YOU WANT TO USE ANY OTHER TYPE OF CONTROL YOU WILL NEED TO MARK THE FLOW OF THE TRAFFIC YOU WANT TO SHAPE BEFORE YOU CAN SHAPE IT.

I HOPE THAT HELPS!!

titius · Fri Dec 02, 2005 12:53 am

well SQ works fine but between eth and wifi... but on the same interface SQ wont work... Ill have to read a little more theory before I ask questions

nowoxi · Fri Dec 02, 2005 2:04 pm

now ur getting the hang of it. if u v any problems after reading then u can ask

npero · Fri Dec 02, 2005 5:44 pm

Need to disable default forward then for every client define different subnet only then you can traffic shaping between wireless clients.

Pozdrav...

titius · Sat Dec 03, 2005 2:49 pm

Huh I really need more reading, a guesed that I have to do that... thanks

Pozdrav, Bajmok jel??

titius · Sun Dec 04, 2005 11:11 pm

well I want to see if I got it...
if I define 192.168.2.0/29 then I can have 32 users that I can do traff shaping, end everyone of them must be on a diff subnet for example:

user 1: 192.168.2.1/29
user 2: 192.168.2.9 /29 between these 3 users I can do traff shape
user 3: 192.168.2.17/29
user 4: 192.168.2.18/29 between user 3 and 4 I cant do traff shape

am I wright

nowoxi · Mon Dec 05, 2005 12:12 am

nowoxi · Mon Dec 05, 2005 12:12 am

if it answers what ur asking
users on the same subnet use the same bandwidth and users on different subnet use the bandwidth you set for its subnet. the size of the subnet at that point doesnt matter.

titius · Mon Dec 05, 2005 9:34 pm

I know it doesnt matter I just asked if Im wright cuz I want to shape every user there are 16 users at the moment...

ofasa · Tue Dec 06, 2005 3:24 pm

This'll be easily done with PPPoE.

titius · Tue Dec 06, 2005 3:28 pm

thanks, i figured it out somehow, pppoe no comPlications plese this is simple village wifi comunity nothing more ...

isolation forwarding

isolation forwarding

SOrry

.....

...

---

just one more thing

--

---

Who is online