FreeBSD has an easy-to-use ability to limit the rate of a subset of traffic. This is provided by the Dummynet system. The most likely use for this in a wireless deployment is to limit how much traffic users of the wireless network can pass to the Internet. There are two steps to enabling Dummynet. First, kernel support for it has to be enabled with the following option in the kernel configuration:

options DUMMYNET

After compiling the kernel with that option, two new rules have to be added at the start of our firewall script. These two rules should be placed after the variable definitions, but before all of the other add rules:

${fwcmd} add pipe 1 ip from ${wif} to any via ${oif}
${fwcmd} pipe 1 config bw 100Kbit/s

The first rule creates a new pipe that will channel all traffic from the wireless interface to the outside interface. The second rule configures that pipe with a bandwidth (bw) limitation of 100 KBit/s. This number can be adjusted to reflect how much bandwidth the wireless network should have access to.

The first rule, the one that creates the pipes, will show up with all the other rules when the ipfw list command is given. To see the actual configuration of pipes however, ipfw pipe list needs to be used.