when last we saw our hero (Tuesday, Jul 23, 2002), Daniel Taylor was madly tapping out: > On Tue, 23 Jul 2002, steve ulrich wrote: > > > > > if i might interject here - i believe that there are mechanisms which > > might be useful for folks that want to host access points for a co-op > > but are concerned about violation of their AUP. > > > > a discussion of tunneling mechanisms might be in order for our next > > meeting. they definitely violate the intent (and quite likely the > > explicit wording) of an AUP but may provide a mechanism for working > > around some thorny issues. > > > Actually, Mike has some very good points WRT bandwidth control and > access control. And (as if it weren't obvious to all and sundry by > now) I have trouble with "gray market" bandwidth. The AUP may be > aggregious and wrong, but it is _their_ network, and they can set > whatever terms of access they want that the law allows. i wholeheartedly agree with that. however, there are some folks that are intent on participating and willing to go down the path of possible AUP violation but don't want it traceable back to them. these tools have very legitimate uses and if people want to use these tools in such a fashion i suppose i could look the other way. > We have some good starting points for access control, but there is > obviously work necessary there. Does anyone have a good handle on > the firewalling rules necessary for bandwidth control? the rub here is that the firewalling rules are rather platform specific. i can give you the rules for doing this sort of thing on an IOS or JunOS based platform and i'm pretty close to having all of the rules squared away for doing this w/pf and altq (i haven't had a chance to test this with pagent yet) and it's trivial to do w/dummynet. per our discussion on this at the second meeting - we should come up with turnkey mechanisms for doing this for a handful of platforms to facilitate this. -- steve ulrich sulrich at botwerks.org PGP: 8D0B 0EE9 E700 A6CF ABA7 AE5F 4FD4 07C9 133B FAFC