[Firewall] Rate limiting / DMZ LAN settings

Mark mark at voidzero.net
Mon Oct 9 14:05:29 MDT 2006

Hi all,

I am moving away from using a Speedtouch as a multi-PC router, and using 
a Debian box for this instead. I hope you can provide me help with 
config settings, as this is a little over my head. I hope I'm not asking 
for too much.

Here's my networking scheme as I want it to be:

               / eth0 (   to internet router, gateway
debian router  - eth1 ( to pc / switch
               \ eth2 ( to neighbour's router: translates DHCP'ed
                                      IP to

As you can see, eth0 has incoming traffic. It has a fixed IP address. 
DHCP is running for eth1 and eth2.

There's one IP on eth1 that is always assigned to the same PC, being This IP has to be the DMZ; everything that's sent to the 
router has to be forwarded to that IP except for port 80. (ICMP: only 
ping requests)

Also the Debian router must allow IPv6. It's assigned a 6to4 tunnel by 
hand, and it has to pass the tunnel through using radvd.

Also, regarding rate limiting:
I'd like to cap eth2 speed to 100kB/s down, and 10kB/s upstream, OR
I'd like to give eth1 and eth2 both a fixed half speed, OR
I'd like to give eth1 all preference over eth2.

My question basically is which settings I need to touch for all of this 
to work. (Except probably rate limiting; couldn't find it in the config. 
Could anyone help with that?)

Thanks very much in advance,
Sincerely, Mark.
