From owner-freebsd-questions@FreeBSD.ORG Thu Mar 27 22:43:22 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 38927106564A for ; Thu, 27 Mar 2008 22:43:22 +0000 (UTC) (envelope-from joeryan3@gmail.com) Received: from el-out-1112.google.com (el-out-1112.google.com [209.85.162.182]) by mx1.freebsd.org (Postfix) with ESMTP id E7DA38FC1D for ; Thu, 27 Mar 2008 22:43:21 +0000 (UTC) (envelope-from joeryan3@gmail.com) Received: by el-out-1112.google.com with SMTP id n30so2840485elf.7 for ; Thu, 27 Mar 2008 15:43:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; bh=B6IjccKONe349SbhWC2sMym5K4zLnhutOCchmNE0VRI=; b=MM8hVHWjKs1PwIg+HcKCGvIZT2s394H7Dkpp3HbboaDz+MFNaQf3d2xL9TKFsCGAEI2T7TMnSmoV2w4rotk+Iv1kvw+CZonaxwFRYaUQL4PLFS5hIuGf0oWbmly/e/geeVo1OTdQsv+BsXWFPUatIkgjhbTOWCgG8wLQqLI7aKs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:mime-version:content-type; b=jtBLQgPYKSYD9Y74Od2MJydCNoz/eedcaE8Ud4sJe9bx8TSWjWufvg11FQJKozO2xscF1W37cUSCKUUz6hAt8RGcfDcLNSmMCecN9RntS7n4H9/glMVvrW+7d5xFWSy+tytHIFSCnqcABFNVD+NZ5+BMTQkNVBFebYuFNpR+5qs= Received: by 10.142.52.9 with SMTP id z9mr1865985wfz.201.1206656290273; Thu, 27 Mar 2008 15:18:10 -0700 (PDT) Received: by 10.142.180.9 with HTTP; Thu, 27 Mar 2008 15:18:09 -0700 (PDT) Message-ID: <32e5d9700803271518r43c2653av4618cbd78b9bfc7d@mail.gmail.com> Date: Thu, 27 Mar 2008 18:18:09 -0400 From: "Joe Ryan" To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Limiting Individual User Upload w/ PF+ALTQ X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Mar 2008 22:43:22 -0000 I am trying to setup traffic shaping on our network. I was wondering if it was possible to limit a users download bandwidth and upload bandwidth within the same state connection. For example, say a user connects to an external FTP site and does some uploading and downloading. Can I allow him to download at 1Mb but limit his upload to 500Kb? As I understand the packet filtering of PF, the first packet creates a state and the rest are then ignored by the filtering software. If this is true, the users first packet will be inbound on the internal interface which will be queued for download speed. This makes sense to me when you want to queue the entire connection but how do I then do a separate queue on the traffic coming back? I am using 7.0 STABLE. Thanks in advance, Joe