Single WAN to single LAn NIC Limiter for bandwidth at specific time



  • Hi, can you kindly advice me if and how can I setup this with pfsense?

    Need to switch the amount of bandwidth available from 2NIC single WAN to single LAN  for 2 hours from a setted day time.

    I'm using pfsense 2.0.1-RELEASE, I've looked at traffic shaping guide but single wan to single LAN isn't reported in wizard configuration.


  • Rebel Alliance Developer Netgate

    Limiter schedules were just added to 2.1-BETA over the last few weeks. They don't exist in any -RELEASE version yet.



  • Thank you for the reply, can I use the 2.1-BETA in a production environment?
    This feature work for sure?
    I mean anyone has already used it with success?
    Can you suggest me another way to achieve the result on 2.0.1-release, I mean if I make 2 firewall configuration, with different traffic shaping and reload them with a crontab job, is this a good way?



  • Installed a test machine with 2.1-Beta.

    I've tried to set the limiter with the wizard and it work on the interfaces, but I can't schedule the change of bandwidth.

    Else If I try to set the limiter as explained on this video http://www.youtube.com/watch?v=Usi195rK35I
    for a IP the limiter aren't applied.

    Can you please say me what's the matter?



  • @Summer:

    Thank you for the reply, can I use the 2.1-BETA in a production environment?
    This feature work for sure?
    I mean anyone has already used it with success?
    Can you suggest me another way to achieve the result on 2.0.1-release, I mean if I make 2 firewall configuration, with different traffic shaping and reload them with a crontab job, is this a good way?

    The Firewall rules don't seem to be stateful in applying traffic shaping/ limiter rules in 2.0 when I tried.

    To limit a particular client IP on LAN with IP of say '192.168.2.100' in both directions, you will need a combination of a 'LAN' tab rule and a 'Floating' tab rule.

    First create a schedule under Firewall-> Schedules.
    Create the Schedule name accordingly.
    Select the Schedule accordingly for the penalised timings.
    Save the Schedule.

    For LAN tab rule, create a new rule and make sure it is right at the top of the list.
    For Action select 'Pass'.
    For Protocol select 'Any'.
    For Source select 'Single host or Alias'
    For Address enter '192.168.2.100'
    For Destination enter 'Any' (Alternatively, set to 'Not' 'LAN Address' if your client requires services from the router)

    Scroll down to 'Advanced Features'
    Go to 'Schedules'.
    Select the schedule you created.
    Go to 'In/ Out'.
    Under the first (left side box) select the upload limiter you created.

    Save the rule.

    Now go to Floating Tab.
    Create a new rule and make sure it is right at the top of the list.
    For Action select 'Queue' or 'Pass'.
    Check 'Apply the action immediately on match.'
    For Interface select 'WAN'
    Select 'In' for Direction.
    For Protocol select 'Any'.
    For Source select 'Any'
    For Destination enter 'Single host or alias'
    For Address enter '192.168.2.100'

    Scroll down to 'Advanced Features'
    Go to 'Schedules'.
    Select the schedule you created.
    Go to 'In/ Out'.
    Under the first (left side box) select the download limiter you created.
    Save the rule.

    That should do the trick (for new connections on that machine) once you applied the firewall configuration rules.



  • hi dreamslacker, i use 2.1-BETA AMD64 latest snapshot.
    i follow your config example, but the limiter only work on LAN interface. i try to add limiter rule in WAN tab, but it won't work also.
    do you have any suggestion? btw, i use squid proxy in transparant mode.





Locked