Bandwidth Module

Description

The module can be used to limit bandwidth to non-work related web/FTP sites, or to prevent FTP-related traffic from impacting too much on interactive telnet/ssh traffic.

It can also be used to give more bandwidth to certain clients or for traffic to certain sites.

Syntax

bandwidth: <bytes>

bytes is the maximum bandwidth to use per second, measured in bytes.

Semantics

The maximum allowed bandwidth set for a rule will be shared by all clients matching that rule. The Barefoot server will attempt to distribute the bandwidth to the matching clients in a least-recently used fashion, trying to let all clients get a fair share.

SIGHUP

A reload of the configuration file only affects sessions created after the reload. It will not affect any of the existing sessions.

This means that changing e.g., a pass statement to a block statement, does not terminate the session of any existing client. Likewise, changing the limits set in a rule does not change the values for any existing session.

After a reload of the configuration file, old sessions will continue to operate in a separate space, using the old configuration, while new sessions will use the new configuration.

Examples

Limiting web/http bandwidth

client pass {
   from: 0.0.0.0/0 to: barefoot-server port = http
   bounce to: internal-web-server
   bandwidth: 102400
}

Limiting the number of clients from a specific country

Lets assume all your important customers come from the domain important.example.com.

The next two rules then shows how you could accomplish this.

# clients from important company will not be bandwidth-limited.
client pass {
   from: .important.example.com to: barefoot-server port = http
   bounce to: internal-web-server
}





# clients from anywhere else will be banwidth-limited.
client pass {
   from: 0.0.0.0/0 to: barefoot-server port = http
   bounce to: internal-web-server
   bandwidth: 50000
}