Last active
December 30, 2022 17:59
-
-
Save dreness/20d7ae82df3997be5d47 to your computer and use it in GitHub Desktop.
A script to apply bandwidth limits to specific traffic in OS X using pf and dummynet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Create a file such as /Users/you/Documents/pftable to hold a list of IPs or subnets to throttle. | |
| # Example file contents: | |
| # 1.2.3.4 | |
| # 2.3.4.5/16 | |
| # Reset dummynet to default config | |
| dnctl -f flush | |
| # Compose an addendum to the default config to create a new anchor and table file | |
| read -d '' -r PF <<EOF | |
| dummynet-anchor "myanchor" | |
| anchor "myanchor" | |
| table <pftable> persist file "/Users/you/Documents/pftable" | |
| EOF | |
| # Reset PF to default config and apply our addendum | |
| (cat /etc/pf.conf && echo "$PF") | pfctl -q -f - | |
| # Configure the new anchor | |
| cat <<EOF | pfctl -q -a myanchor -f - | |
| no dummynet quick on lo0 all | |
| dummynet out proto tcp from any to <pftable> pipe 1 | |
| EOF | |
| # Create the dummynet queue | |
| dnctl pipe 1 config bw 1Mbit/s | |
| # Show new configs | |
| printf "\nGlobal pf dummynet anchors:\n" | |
| pfctl -q -s dummynet | |
| printf "\nmyanchor config:\n" | |
| pfctl -q -s dummynet -a myanchor | |
| printf "\npftable config:\n" | |
| pfctl -q -t pftable -T show | |
| printf "\ndummynet config:\n" | |
| dnctl show queue | |
| # Enable PF | |
| sudo pfctl -E |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment