Date: Thu, 10 Jan 2008 07:50:02 GMT From: Marc Silver <marcs@draenor.org> To: freebsd-doc@FreeBSD.org Subject: Re: docs/113464: Error regarding IPF and ALTQ in handbook Message-ID: <200801100750.m0A7o2Cn029136@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR docs/113464; it has been noted by GNATS.
From: Marc Silver <marcs@draenor.org>
To: bug-followup@FreeBSD.org, josh@tcbug.org
Cc:
Subject: Re: docs/113464: Error regarding IPF and ALTQ in handbook
Date: Thu, 10 Jan 2008 09:46:38 +0200
--HcAYCG3uE/tztfnV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Hi there,
I've done a bit of research into this and from what I can see, there is
no direct support for ALTQ in IPFILTER itself. However, everything I
could find suggests that ALTQ/PF or DUMMYNET/IPFW can be used in
conjunction with IPFILTER, provided that one is dedicated to traffic
shaping and the other to filtering and NAT.
To that end I've mangled the firewall chapter to update the information
surrounding this particular issue.
Hope this helps,
Cheers,
Marc
--HcAYCG3uE/tztfnV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="firewall-chapter.sgml.patch"
--- chapter.sgml.orig 2008-01-10 08:46:33.000000000 +0200
+++ chapter.sgml 2008-01-10 09:35:19.000000000 +0200
@@ -151,12 +151,16 @@
<acronym>PF</acronym>). &os; also has two built in packages for
traffic shaping (basically controlling bandwidth usage):
&man.altq.4; and &man.dummynet.4;. Dummynet has traditionally been
- closely tied with <acronym>IPFW</acronym>, and
- <acronym>ALTQ</acronym> with
- <acronym>IPF</acronym>/<acronym>PF</acronym>. IPF,
- IPFW, and PF all use rules to control the access of packets to and
- from your system, although they go about it different ways and
- have different rule syntaxes.</para>
+ closely tied with <acronym>IPFW</acronym>, while
+ <acronym>ALTQ</acronym> may be used with <acronym>PF</acronym>.
+ Traffic shaping can currently be achieved with
+ <acronym>IPFILTER</acronym> by using <acronym>IPFILTER</acronym>
+ for filtering and NAT in conjunction with <acronym>IPFW</acronym>
+ and dummynet <emphasis>or</emphasis> <acronym>PF</acronym> with
+ <acronym>ALTQ</acronym> for traffic shaping. IPF IPFW, and PF all
+ use rules to control the access of packets to and from your system,
+ although they go about it different ways and have different rule
+ syntaxes.</para>
<para>The reason that &os; has multiple built in firewall packages
is that different people have different requirements and
--HcAYCG3uE/tztfnV--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200801100750.m0A7o2Cn029136>