Date: Sun, 11 Nov 2007 18:49:37 +0100 (CET) From: "Peter Boosten" <peter@boosten.org> To: freebsd-questions@freebsd.org Subject: Re: Quick question about PF and ALTQ Message-ID: <3815.192.168.13.35.1194803377.squirrel@www.boosten.org> In-Reply-To: <20071111144325.GA3433@saraswathy.susmita.org> References: <53330.192.168.13.8.1194786209.squirrel@www.boosten.org> <20071111144325.GA3433@saraswathy.susmita.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, November 11, 2007 15:43, Girish Venkatachalam wrote: > On 14:03:29 Nov 11, Peter Boosten wrote: > >> Hi all, >> >> >> One quick question: is it possible to filter specific kinds of traffic >> with altq, traffic that is not bound to specific IP addresses, like >> online radio? >> > > Yes. > > > Not altq(It is for QoS). > > > But pf can of course. :) > > > localip =3D "www.shoutcast.com" radioport =3D 554 block quick out on f= xp0 > proto tcp from any to $remoteip port $radioport > > Here is an example for you lift and plonk into your /etc/pf.conf. :) > > > Best of luck! > > > Obviously the IP and port are fictitious. > > > This will block all the incoming traffic from any internal IP to the > online radio service. > > Hope this helps. > > > regards, Girish > What is the port for online radio? Many use http. If you want to block > RTSP, then I guess it should be 554 Thanks for your answer, although that's not quite what I'm looking for: I know it's possible to 'shape' the traffic with altq, so it's possible i= n theory to shape certain kind of traffic to almost nihil. Smart devices like packetshapers (and even some proxy appliances like Blue Coat) have separate categories for streaming media, so I was wondering if PF and alt= q could do the same. Your solution works, however you'll have to know what sites are being visited in order to block them entirely. Peter --=20 http://www.boosten.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3815.192.168.13.35.1194803377.squirrel>