hi all, I recently discovered a GPL'd util named "Throttled" which bring ipfw-based bandwidth management to OSX, in lieu of "dummynet" (ne1 know WHY dummynet is missing from OSX in the 1st place?). For reference, "Throttled" can be found at: http://www.intrarts.com/throttled.html Throttled "does its thing" by running port-specific tcp traffic through an ipfw divert rule; e.g. - in order to limit upload (outbound) traffic from a port:80 Apache server to $MAXSPEED KB/s, you first initialize throttled (here, to ITS default port:17777) /usr/local/sbin/throttled -s $MAXSPEED -d 17777 and then add an ipfw rule, e.g.: /sbin/ipfw add divert 17777 tcp from $IP 80 to any out xmit $INTERFACE where $IP == machine's PUBLIC IP address, or "any", and $INTERFACE == machine's WAN ethernet interface (e.g., "en0") this works quite nicely, and is straightforward/clear to me, ..... but, NOT when I consider integrating into my NATd env/config. I'm interested in integrating Throttled into my OSX ipfw+natd+dhcp environment. specifically, my NATd runs on $INTERFACE, as is common, at a dynamically assigned public IP (requiring "any" for $IP ...) my gateway LAN address is IP = 10.0.0.1, and my internal web server is IP = 10.0.0.2 NATd is command-line configured with: /usr/sbin/natd -interface $INTERFACE -dynamic -port 8668 -unregistered_only -use_sockets -redirect_port tcp 10.0.0.2:80 80 and the natd ipfw rule is: /sbin/ipfw add 1000 divert natd ip from any to any via $INTERFACE i'm a bit confused as to whether the two divert rules (throttled and natd) will conflict, and/or whether there is an order/priority issue .... bottom line: can throttled & natd CO-EXIST? and if so, what's the proper configuration? i've contacted the Throttled author re: this question, and altho he wasn't certain of the answer, he speculated that divert sockets DO NOT GET REINSERTED into the ipfw rule list after they are processed, thus preventing passing the TCP traffic through BOTH divert rules ... but that there are changeable kernel directives to change this behavior ... any wisdom/insight is much appreciated! blakers _______________________________________________ darwin-kernel mailing list | darwin-kernel@lists.apple.com Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-kernel Do not post admin requests to the list. They will be ignored.