when last we saw our hero (Tuesday, Jul 23, 2002), 
 Daniel Taylor was madly tapping out:
> On Tue, 23 Jul 2002, steve ulrich wrote:
> >
> > if i might interject here - i believe that there are mechanisms which
> > might be useful for folks that want to host access points for a co-op
> > but are concerned about violation of their AUP.
> >
> > a discussion of tunneling mechanisms might be in order for our next
> > meeting.  they definitely violate the intent (and quite likely the
> > explicit wording) of an AUP but may provide a mechanism for working
> > around some thorny issues.
> >

> Actually, Mike has some very good points WRT bandwidth control and
> access control. And (as if it weren't obvious to all and sundry by
> now) I have trouble with "gray market" bandwidth. The AUP may be
> aggregious and wrong, but it is _their_ network, and they can set
> whatever terms of access they want that the law allows.

i wholeheartedly agree with that.  however, there are some folks that
are intent on participating and willing to go down the path of
possible AUP violation but don't want it traceable back to them. 

these tools have very legitimate uses and if people want to use these
tools in such a fashion i suppose i could look the other way. 

> We have some good starting points for access control, but there is
> obviously work necessary there. Does anyone have a good handle on
> the firewalling rules necessary for bandwidth control?

the rub here is that the firewalling rules are rather platform
specific.  i can give you the rules for doing this sort of thing on an
IOS or JunOS based platform and i'm pretty close to having all of the
rules squared away for doing this w/pf and altq (i haven't had a
chance to test this with pagent yet) and it's trivial
to do w/dummynet. 

per our discussion on this at the second meeting - we should come up
with turnkey mechanisms for doing this for a handful of platforms to
facilitate this.

steve ulrich                       sulrich at botwerks.org
PGP: 8D0B 0EE9 E700 A6CF ABA7  AE5F 4FD4 07C9 133B FAFC