From owner-freebsd-pf@FreeBSD.ORG Fri May 18 11:42:29 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 66BB016A402 for ; Fri, 18 May 2007 11:42:29 +0000 (UTC) (envelope-from bounces@nabble.com) Received: from kuber.nabble.com (kuber.nabble.com [216.139.236.158]) by mx1.freebsd.org (Postfix) with ESMTP id 3F66C13C44B for ; Fri, 18 May 2007 11:42:29 +0000 (UTC) (envelope-from bounces@nabble.com) Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1Hp0qq-0006pO-7N for freebsd-pf@freebsd.org; Fri, 18 May 2007 04:42:28 -0700 Message-ID: <10680560.post@talk.nabble.com> Date: Fri, 18 May 2007 04:42:28 -0700 (PDT) From: Umar To: freebsd-pf@freebsd.org In-Reply-To: <464D8AE8.30103@vwsoft.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: unix.co@gmail.com References: <10678120.post@talk.nabble.com> <464D70D0.3000608@vwsoft.com> <10679395.post@talk.nabble.com> <464D8AE8.30103@vwsoft.com> Subject: Re: bandwidth controlling with ALTQ X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 May 2007 11:42:29 -0000 Dear Volker Thanks again for your reply! this is my pf.conf file int_if = "xl0" ext_if = "fxp0" (DSL) ltq on $ext_if hfsc bandwidth 1Mb queue { qclient1 } queue qclient1 bandwdith 10Kb hfsc ( rio ) pass in quick log on $int_if proto tcp from 192.168.1.247 to any flags "S/SA" keep state queue qclient1 when i reload pf i got the error Reloading pf rules. /etc/pf.conf:34: syntax error /etc/pf.conf:51: bad flags S/SA on line:34 = queue qclient1 bandwdith 10Kb hfsc ( rio ) regards, Umar Draz Volker wrote: > > On 05/18/07 12:05, Umar wrote: >> Dear Volker >> >> Thanks for your reply! >> >> I have 1mb up and 1mb down DSL and i have total 20 client at this time. >> >>>> if you want to limit per IP address, you need to create one queue for >>>> every IP address in your internal network. >> >> Please tell me how i create the queue i will manage 20 queues by hand. >> But >> i don't know the exact syntax in PF-ALTQ > > Umar, > > well, here your nightmare comes true! It's not just creating the > queues, but have a different pass rule for every queue you're using. > Let's go (assuming hfsc scheduler, cbq, priq will also do it for you): > > $clientIP1="192.168.0.2" > $clientIP2="192.168.0.3" > > altq on $ext_if hfsc bandwidth 1Mb queue { qclient1, qclient2, > qclient3, ... } > queue qclient1 bandwdith 10Kb hfsc ( rio ) > queue qclient2 bandwidth 10Kb hfsc ( rio ) > ... > > pass in quick log on $int_if proto tcp from $clientIP1 to any \ > flags "S/SA" keep state queue qclient1 > pass in quick log on $int_if proto tcp from $clientIP2 to any \ > flags "S/SA" keep state queue qclient2 > > Note: You also have to define one default queue "hfsc ( default )". > Note2: You'll also want to pass other traffic (udp, icmp etc.). > > Happy maintenance! ;) > > HTH > > Volker > > PS: I suggest using a bandwidth for your root queue a bit lower than > what you think your connections' upstream really is. For a 1 Mb > upstream, a value of 940 Kb should be appropriate. > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > -- View this message in context: http://www.nabble.com/bandwidth-controlling-with-ALTQ-tf3776301.html#a10680560 Sent from the freebsd-pf mailing list archive at Nabble.com.