diff options
author | glebius <glebius@FreeBSD.org> | 2006-01-13 15:48:38 +0000 |
---|---|---|
committer | glebius <glebius@FreeBSD.org> | 2006-01-13 15:48:38 +0000 |
commit | d154659c530bf9c14bd1915ad19fbcae6e23a94b (patch) | |
tree | 7007acb8de4fa5ed8eb4ed3e0370a9cff177b5ce /sbin | |
parent | ce8e856e242fdb3ef81cbcc268e68f9c6af78945 (diff) | |
download | FreeBSD-src-d154659c530bf9c14bd1915ad19fbcae6e23a94b.zip FreeBSD-src-d154659c530bf9c14bd1915ad19fbcae6e23a94b.tar.gz |
Document 'tablearg' keyword.
Wording by: emaste
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ipfw/ipfw.8 | 32 |
1 files changed, 31 insertions, 1 deletions
diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index 97dbc39..2cf9eaa 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 13, 2005 +.Dd January 16, 2006 .Dt IPFW 8 .Os .Sh NAME @@ -1524,6 +1524,19 @@ the routing table (see .Xr route 4 ) . .Pp Lookup tables currently support IPv4 addresses only. +.Pp +The +.Cm tablearg +feature provides the ability to use a value, looked up in the table, as +the argument for a rule action. +This can significantly reduce number of rules in some configurations. +The +.Cm tablearg +argument can be used with the following actions: +.Cm pipe , queue, divert, tee, netgraph, ngtee . +See the +.Sx EXAMPLES +Section for example usage of tables and the tablearg keyword. .Sh SETS OF RULES Each rule belongs to one of 32 different .Em sets @@ -2426,6 +2439,23 @@ on a net with per-host limits, rather than per-network limits: .Dl "ipfw add pipe 2 ip from any to 192.168.2.0/24 in" .Dl "ipfw pipe 1 config mask src-ip 0x000000ff bw 200Kbit/s queue 20Kbytes" .Dl "ipfw pipe 2 config mask dst-ip 0x000000ff bw 200Kbit/s queue 20Kbytes" +.Ss LOOKUP TABLES +In the following example, we need to create several traffic bandwidth +classes and we need different hosts/networks to fall into different classes. +We create one pipe for each class and configure them accordingly. +Then we create a single table and fill it with IP subnets and addresses. +For each subnet/host we set the argument equal to the number of the pipe +that it should use. +Then we classify traffic using a single rule: +.Pp +.Dl "ipfw pipe 1 config bw 1000Kbyte/s" +.Dl "ipfw pipe 4 config bw 4000Kbyte/s" +.Dl "..." +.Dl "ipfw table 1 add 192.168.2.0/24 1" +.Dl "ipfw table 1 add 192.168.0.0/27 4" +.Dl "ipfw table 1 add 192.168.0.2 1" +.Dl "..." +.Dl "ipfw pipe tablearg ip from table(1) to any" .Ss SETS OF RULES To add a set of rules atomically, e.g.\& set 18: .Pp |