Subject: ALTQ setup -- was -- Re: FTPD: disallowing concurrent connections from same IP
To: Dave Huang <netbsd-users@netbsd.org>
From: John Maier <jmaier@midamerica.net>
List: netbsd-users
Date: 02/19/2003 17:40:27
> Is there some guide out there on setting up altq? I'm interested in
> trying it out (for reasons unrelated to this whole ftp business),
> but the altq manpages assume you know what everything is and just
> need to know the syntax for how to do it.

I finally got ALTQ to work like a champ!

You just have to remember that it's 'options ALTQ_CBQ' in the kernel, not
'options ALTQ_CQB' ....
<grin>

Here is a sample of my /etc/altq.conf

#
# For this to work you *must* compile your kernel with the options:
# options         ALTQ
# options         ALTQ_CBQ
# options         ALTQ_RED
#
#
#
#
#--------------------------------------------------------------------------
# Prepare interface for ALTQ

interface le0 bandwidth 10M cbq

#--------------------------------------------------------------------------

#--------------------------------------------------------------------------
# You have to have at least 1 parent class for the children to use

class cbq le0 root NULL pbandwidth 100

#--------------------------------------------------------------------------

# A filter is defined as..
# filter <interface> <class> <remote ip> <remote port> <local ip> <local port> <proto>

#--------------------------------------------------------------------------
# Since we have no idea what our port or their port will be, in passive mode,
# we will put all other connections in this group.
# Traditional non-passive mode always opens local port 20 to connect to the
# client's listener port.

class cbq le0 tcp root pbandwidth 15 default
 filter le0 tcp 0 0 0 0 6 # other tcp traffic
# filter le0 tcp 0 0 0 20 6 # ftp-data (non-pasv) caught by default

#--------------------------------------------------------------------------

#--------------------------------------------------------------------------
# The FTP control port needs very little bandwidth but is allowed
# to use any unused bandwidth, as needed.

class cbq le0 ftp root borrow pbandwidth 5 red
 filter le0 ftp 0 0 0 21 6 # ftp
#--------------------------------------------------------------------------


#--------------------------------------------------------------------------
# Give other ports the rest of the bandwidth.
# Note: ftp-data port is added here so from the server, files can be downloaded
# and not subject to the default tcp class limitations.

class cbq le0 other root borrow pbandwidth 69 red
 filter le0 other 0 0 0 80 6 # http
 filter le0 other 0 80 0 0 6 # http

 filter le0 other 0 0 0 6000 6 # xwin
 filter le0 other 0 6000 0 0 6 # xwin

 filter le0 other 0 512 0 0 6 # exec
 filter le0 other 0 23 0 0 6 # telnet
 filter le0 other 0 111 0 0 6 # sunrpc
 filter le0 other 0 20 0 0 6 # ftp-data (non-pasv)

 filter le0 other 0 0 0 0 1 # icmp
 filter le0 other 0 0 0 0 17 # udp
#--------------------------------------------------------------------------


----- Original Message -----
From: "Dave Huang" <khym@azeotrope.org>
To: <Netbsd-Users@netbsd.org>
Sent: Wednesday, February 19, 2003 4:53 PM
Subject: Re: FTPD: disallowing concurrent connections from same IP


> On Wed, Feb 19, 2003 at 02:33:51PM -0800, Chuck Yerkes wrote:
> > I can require logins (over SSL with clear passwords) and offer
> > downloads.  modbandwidth or altq  handle usage limits  (someone
> > connects 11 times, it's just as fast as 1 time).
>
> Is there some guide out there on setting up altq? I'm interested in
> trying it out (for reasons unrelated to this whole ftp business),
> but the altq manpages assume you know what everything is and just
> need to know the syntax for how to do it.
> --
> Name: Dave Huang         |  Mammal, mammal / their names are called /
> INet: khym@azeotrope.org |  they raise a paw / the bat, the cat /
> FurryMUCK: Dahan         |  dolphin and dog / koala bear and hog -- TMBG
> Dahan: Hani G Y+C 27 Y++ L+++ W- C++ T++ A+ E+ S++ V++ F- Q+++ P+ B+ PA+ PL++
>
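
An added example, not part of the original message or of ALTQ itself: a small lint for a CBQ altq.conf written in the style of the sample above, run before handing the file to altqd. It flags comment text that a mail client or editor has wrapped onto its own line, filters that name a class that was never defined, and child classes whose pbandwidth adds up to more than their parent's. The function names are hypothetical, SAMPLE is a constructed and shortened copy of the configuration with two planted faults, and the rule that children should not exceed the parent's percentage is an assumption of this example.

```python
# Added example: lint for a CBQ altq.conf in the style shown in the message.
# SAMPLE is constructed: a shortened copy of that config with two planted faults.
SAMPLE = """\
interface le0 bandwidth 10M cbq
class cbq le0 root NULL pbandwidth 100
# Since we have no idea what our port or their port will be, in passive
mode,
class cbq le0 tcp root pbandwidth 15 default
 filter le0 tcp 0 0 0 0 6 # other tcp traffic
class cbq le0 ftp root borrow pbandwidth 5 red
 filter le0 ftp 0 0 0 21 6 # ftp
class cbq le0 other root borrow pbandwidth 69 red
 filter le0 other 0 0 0 80 6 # http
 filter le0 bulk 0 0 0 0 17 # 'bulk' is never defined
"""

def parse(text):
    """Return (classes, filters, strays) from altq.conf text."""
    classes, filters, strays = {}, [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        words = raw.split("#", 1)[0].split()    # strip comment, tokenize
        if not words or words[0] == "interface":
            continue
        if words[0] == "class" and len(words) >= 5:
            i = words.index("pbandwidth") if "pbandwidth" in words[:-1] else None
            pct = int(words[i + 1]) if i is not None else 0
            classes[words[3]] = (words[4], pct)  # name -> (parent, percent)
        elif words[0] == "filter" and len(words) >= 3:
            filters.append((lineno, words[2]))   # (line, class name)
        else:
            strays.append((lineno, words[0]))    # not a directive we know
    return classes, filters, strays

def child_share(classes, parent):
    """Sum of pbandwidth percentages of the direct children of `parent`."""
    return sum(pct for p, pct in classes.values() if p == parent)

def lint(text):
    """Return a list of human-readable problems found in the config."""
    classes, filters, strays = parse(text)
    problems = [f"line {n}: stray text {w!r} (wrapped comment?)" for n, w in strays]
    problems += [f"line {n}: filter uses undefined class {c!r}"
                 for n, c in filters if c not in classes]
    for name, (_, pct) in classes.items():
        if child_share(classes, name) > pct:
            problems.append(f"class {name!r}: children exceed its {pct}%")
    return problems

if __name__ == "__main__":
    print("root children use", child_share(parse(SAMPLE)[0], "root"), "%")
    print("\n".join(lint(SAMPLE)))
```

With the percentages from the message (15, 5 and 69) the children of root account for 89% of the interface, so 11% is left unassigned.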