From owner-freebsd-pf@FreeBSD.ORG Thu Sep 16 04:05:29 2004 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 674) id 5115D16A4D2; Thu, 16 Sep 2004 04:05:29 +0000 (GMT) Delivered-To: mlaier@vampire.homelinux.org Received: (qmail 64161 invoked by alias); 15 Jun 2004 21:06:25 -0000 Delivered-To: max@vampire.homelinux.org Received: (qmail 64158 invoked from network); 15 Jun 2004 21:06:24 -0000 Received: from moutng.kundenserver.de (212.227.126.185) by p5480809c.dip.t-dialin.net with SMTP; 15 Jun 2004 21:06:24 -0000 Received: from [212.227.126.163] (helo=mxng10.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1BaL8X-0006CA-00 for max@vampire.homelinux.org; Tue, 15 Jun 2004 23:06:29 +0200 Received: from [206.53.239.180] (helo=turing.freelists.org) by mxng10.kundenserver.de with esmtp (Exim 3.35 #1) id 1BaL8X-0002yF-00 for max@love2party.net; Tue, 15 Jun 2004 23:06:29 +0200 Received: from localhost (localhost [127.0.0.1])ESMTP id 33B4572C83A; Tue, 15 Jun 2004 15:45:25 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 28531-38; Tue, 15 Jun 2004 15:45:25 -0500 (EST) Received: from turing (localhost [127.0.0.1])ESMTP id AE02372CA68; Tue, 15 Jun 2004 15:45:24 -0500 (EST) Received: with ECARTIS (v1.0.0; list pf4freebsd); Tue, 15 Jun 2004 15:45:09 -0500 (EST) X-Original-To: pf4freebsd@freelists.org Delivered-To: pf4freebsd@freelists.org Received: from localhost (localhost [127.0.0.1])ESMTP id 839A472C83A for ; Tue, 15 Jun 2004 15:45:08 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 28346-33 for ; Tue, 15 Jun 2004 15:45:08 -0500 (EST) Received: from smtp7.poczta.onet.pl (smtp7.poczta.onet.pl [213.180.130.47]) ESMTP id 03D8F72C307 for ; Tue, 15 Jun 2004 15:45:08 -0500 (EST) Received: from pc90.jaslo.sdi.tpnet.pl ([80.49.23.90]:3588 "EHLO dom") by ps7.test.onet.pl with ESMTP id ; Tue, 15 Jun 2004 23:05:21 +0200 Message-ID: <000501c4531c$b2238b00$1501000a@dom> From: "Baroo" To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Virus-Scanned: by amavisd-new at freelists.org X-archive-position: 324 X-ecartis-version: Ecartis v1.0.0 Sender: pf4freebsd-bounce@freelists.org Errors-To: pf4freebsd-bounce@freelists.org X-original-sender: baroo@poczta.onet.pl Precedence: normal X-list: pf4freebsd X-Virus-Scanned: by amavisd-new at freelists.org X-Provags-Forward: max@love2party.net -> max@vampire.homelinux.org X-UID: 440 X-Length: 4715 X-Mailman-Approved-At: Thu, 16 Sep 2004 04:06:09 +0000 Subject: [pf4freebsd] Some changes in ALTQ implementation X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: pf4freebsd@freelists.org List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Thu, 16 Sep 2004 04:05:29 -0000 X-Original-Date: Tue, 15 Jun 2004 23:06:57 +0200 X-List-Received-Date: Thu, 16 Sep 2004 04:05:29 -0000 Hi I have some idea for implementation of pf in freebsd. I know that in the native implementation of pf queues filters are making with pass rules. (eg. pass out on fxp0 from any to any port 22 queue ssh ). I think that more resonable is to make an independent filters but in pf.conf file. This can be useful in many configurations, because sometimes administrators want to make an QoS configuration independent from packet filtering. Let say we have an internet gateway with two interfaces. For filtering we could use only one rule pass out on $EXT_IF from $NAT_ALLOW to any keep state an for qos something like this: traffic out on $EXT_IF proto tcp from $NAT_ALLOW to any port 22 queue prio traffic out on $EXT_IF proto udp from $NAT_ALLOW to any port 53 queue prio traffic out on $EXT_IF proto icmp from $NAT_ALLOW to any queue prio traffic out on $EXT_IF from 10.0.1.10 to any queue (user1, prio) traffic out on $EXT_IF from 10.0.1.11 to any queue (user2, prio) traffic out on $EXT_IF from 10.0.1.12 to any queue (user3, prio) traffic out on $EXT_IF from 10.0.1.13 to any queue (user4, prio) ... What are you think about it? And the second thing. Are there any plans to make an ingress shaping (to make a viritual pipe for queueing). It could be use to queueing a router traffic (eg. if we have a ftp server on the same machine as router) or shaping bandwidth between multiplie interfaces. Thanks for your job around this project.