Thanks for the help so far... > : (ie: Each user connects to the VPN server then connects > netmeeting from : point to point using the private ip that the > poptop pptp vpn assigns : each client) > > Neat idea. Thanks. It works quite well with VPN off a NT4 machine but I wanted to do it all on a nix machine :) Talk about make things hard thou... getting RRAS working on NT took an hour. > : I want to be able to restrict each vpn tunnel to xk (where xk > might be : 128kbits or less). > > You'll probably want to use an HTB tree with a child class where > rate=ceil=128kbit for each of your clients...but you'll probably get > some ideas of your own as you familiarize yourself with the tools. Before I got your message I spent a couple of hours reading chapter 9 of the how to at lartc.org. The HTB option makes sense in concept to me... Can you provide some example syntax for me given the following... Lan Testing... I have set up poptop with a local IP of 192.168.1.6 and remote IP of 192.168.1.200-250 I have 2 windows machines (XP Home & Win2k server) connecting as clients. They come up as ppp0:192.168.1.200 and ppp1:192.168.1.201 when I check using ifconfig. The machines are all connected to a 10bit hub I would like to slow the connections to 56kbits Internet Testing... On Monday Telecom NZ will deliver the second of 2 128k ADSL connections. I will then put the two WIN machines on Inet1 and the linux box on Inet2. I would like to slow the connections to 56kbits - this should mean that Inet1 and 2 both have 112kbits running across them. Does this all make sense? As I understand it the HTB works by limited the 'outgoing' data and not the incomming data and the limits will be placed on the ppp sessions and not the eth0. How do I make the limiting start when the ppp session comes up? > : I also want to be able to stop users from using any ports on the vpn > : tunnel other than the ones required by netmeeting and port 80. > > Use iptables. The iptables tutorial [3] will help you here. I suspected you were going to say as must... iptables is next on my learning curve! > : I have read all about compiling kernels but I still haven't got this > : sused. > > This makes no sense to me. What means this verb "sused"? I might not have spelt it right. Like the English use the word 'sorted' as in "I don't have the problem sorted out." In other words, "I understand the theory of compiling a kernel but I haven't done it in pratice". :) Sorry for using slang on an international forum :) > Is that what > happens when an admin leaves, dropping a lousy old crufty SuSe box > in your lap? ( "I've been Sused!" ?? ) heheheh :) In seriousness, though, > what distribution and kernel are you using? It is likely if you > have a recent installation that you have everything you need already > (with the possible exception of an HTB-capable tc). I'm using Rethat 9 with kernel 2.4.20-8. Thanks again for your assistance. Cheers DiG -- Don Gould The technology exists to give every home 10mbits per second for $10 per month! http://sourceforge.net/donate/ - Give a little and watch the love grow! www.skype.com - sorry it's not a linux tool but it's very kewl! Wish a linux guru would make something for nix as good as this! news@xxxxxxxxxxxx - Best information about DSL technology and trends I've found yet. http://www.linuxforum.com/forums/ - need I say more? :) http://australianit.news.com.au/ - My fav IT news site. http:/ _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/