#Allows to use more than 1 pipe for packet
/sbin/sysctl net.inet.ip.fw.one_pass=0#External interface, please change this value!
ipfw add allow ip from any to any via rl0
#users 80Kbit
ipfw pipe 3 config mask dst-ip 0xffffffff bw 80Kbit/s
ipfw pipe 4 config mask src-ip 0xffffffff bw 80Kbit/s
ipfw add pipe 3 ip from any to 192.168.1.1,192.168.1.2,192.168.1.3 out #To client
ipfw add pipe 4 ip from 192.168.1.1,192.168.1.2,192.168.1.3 to any in #From client
#users 64Kbit
ipfw pipe 5 config mask dst-ip 0xffffffff bw 64Kbit/s
ipfw pipe 6 config mask src-ip 0xffffffff bw 64Kbit/s
ipfw add pipe 5 ip from any to 192.168.1.4,192.168.1.5,192.168.1.6 out #To client
ipfw add pipe 6 ip from 192.168.1.4,192.168.1.5,192.168.1.6 to any in #From client
#users 32Kbit
ipfw pipe 7 config mask dst-ip 0xffffffff bw 64Kbit/s
ipfw pipe 8 config mask src-ip 0xffffffff bw 64Kbit/s
ipfw add pipe 7 ip from any to 192.168.1.7,192.168.1.7,192.168.1.7 out #To client
ipfw add pipe 8 ip from 192.168.1.7,192.168.1.7,192.168.1.7 to any in #From client
#Queue for max 1024Kbit/s download and max 1024Kbit/s upload
ipfw queue 1 config pipe 1 mask dst-ip 0xffffffff
ipfw pipe 1 config bw 1024Kbit/s
ipfw queue 2 config pipe 2 mask src-ip 0xffffffff
ipfw pipe 2 config bw 1024Kbit/s
ipfw add queue 1 ip from any to 192.168.1.0/24 out #To client
ipfw add queue 2 ip from 192.168.1.0/24 to any in #From client
Если списки адресов (192.168.1.1,192.168.1.2,192.168.1.3) будут слишком длинными, рекомендую использовать table:
ipfw add pipe 3 ip from any to "table(1)" out #To client
ipfw add pipe 4 ip from "table(1)" to any in #From client
ipfw table 1 add 192.168.1.1
ipfw table 1 add 192.168.1.2
ipfw table 1 add 192.168.1.3
...
Вариант для распечатки
OpenNET: Виртуальная конференция (Public)
on 30-Янв-07, 12:48 
