Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Limiter On Wan Interface

    Scheduled Pinned Locked Moved Traffic Shaping
    8 Posts 3 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kayo_tec
      last edited by

      How to create  a limiter rule on my wan interface to specific external host ?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • N
        Nullity
        last edited by

        Create your limiter. Create a WAN firewall rule to catch the designated traffic and at the botton of the firewall rule  page, select your limiters.

        Please correct any obvious misinformation in my posts.
        -Not a professional; an arrogant ignoramous.

        1 Reply Last reply Reply Quote 0
        • K
          kayo_tec
          last edited by

          Thanks man, i create rule and limiter, but not work.

          1 Reply Last reply Reply Quote 0
          • K
            kayo_tec
            last edited by

            Other information is, this traffic is generated from proxy.

            1 Reply Last reply Reply Quote 0
            • DerelictD
              Derelict LAYER 8 Netgate
              last edited by

              You need to set the limiter on the rule where the connection/state is established.

              This is probably easiest done on LAN.

              If this is for inbound connections, it is probably easiest done on the firewall rule on WAN that permits the inbound connection.

              Another possibility might be a floating match rule on WAN out.  Note that this reverses the direction of the In/Out queues.

              At least I think.  I've never set a limiter on a specific outside address.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • K
                kayo_tec
                last edited by

                thanks for suggestions, i will test this solutions…

                1 Reply Last reply Reply Quote 0
                • DerelictD
                  Derelict LAYER 8 Netgate
                  last edited by

                  I didn't see the post about the proxy. If you want to limit traffic to/from specific outside IP addresses I think your only choice is a floating match rule on WAN out to catch the connections being made to those addresses and setting the limiters.

                  In/out will correspond to Upload/Download I think.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • N
                    Nullity
                    last edited by

                    @Derelict:

                    I didn't see the post about the proxy. If you want to limit traffic to/from specific outside IP addresses I think your only choice is a floating match rule on WAN out to catch the connections being made to those addresses and setting the limiters.

                    In/out will correspond to Upload/Download I think.

                    I think I have had 3 or 4 distinct times where I thought I had a good grasp of limiters, but each time the level of confusion grows in a brand-new exciting way. Networking kryptonite or something.

                    Please correct any obvious misinformation in my posts.
                    -Not a professional; an arrogant ignoramous.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.