/etc/bwctl/bwctld.limits is in bwctl-server 1.4.1~rc2-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 | #
# $Id: bwctld.limits 467 2008-06-11 19:40:02Z aaron $
#
#########################################################################
# #
# Copyright (C) 2003 #
# University Corporation for Advanced Internet Development #
# All Rights Reserved #
# #
#########################################################################
#
# File: bwctld.limits
#
# Author: Jeff W. Boote
# Internet2
#
# Date: Tue Sep 9 16:29:19 MDT 2003
#
# Description:
# This is an EXAMPLE "limits" file for the bwctld
# process.
#
# You SHOULD change this to meet the requirements for
# your local deployment needs!
#
# This example configuration allows Abilene measurement
# hosts to run tests to your server, but will not allow
# you to run tests to your own hosts. This is intentional
# so you will have to look at this file and modifiy it.
#
#
# Basics:
# Almost the same as owampd - with the following limit types defined:
#
# parent
# bandwidth
# pending
# event_horizon
# duration
# allow_open_mode
# allow_tcp
# allow_udp
# max_time_error
#
# setup the root node with max bandwidth as open as possible.
# Super-user access
limit root with \
bandwidth=900m, \
duration=30, \
allow_udp=on, \
allow_tcp=on, \
allow_open_mode=off, \
max_time_error=20
# minimal everything
# send hackers and bad nets here
limit jail with parent=root, \
bandwidth=1, \
duration=1, \
allow_udp=off, \
allow_tcp=off, \
allow_open_mode=off
# allow anything - including unauthenticated.
# send local clients here
limit local with parent=root, \
allow_open_mode=on
# wide open everything - unspecified values default
# to parent permissions
# Turn off UDP testing for Knoppix distribution.
limit regular with parent=root, \
duration=30, \
allow_tcp=on, \
allow_udp=off, \
allow_open_mode=on
# default everything to regular user access
# this allows TCP for up to 30 seconds and
# no UDP tests
assign default regular
# hacker and BBI networks
# this shows a 172.16 private address block being
# prohibited
# see RFC 1918 for a descripton of private address blocks
assign net 172.16.10.0/24 jail
# localhost (and any other hosts you completely trust)
# (might as well trust localhost, the user could run iperf directly...)
assign net 127.0.0.1/32 local
assign net ::1/128 local
|