From: "Peter Boosten"
To: freebsd-questions@freebsd.org
Date: Sun, 11 Nov 2007 18:49:37 +0100 (CET)
Subject: Re: Quick question about PF and ALTQ

On Sun, November 11, 2007 15:43, Girish Venkatachalam wrote:
> On 14:03:29 Nov 11, Peter Boosten wrote:
>
>> Hi all,
>>
>> One quick question: is it possible to filter specific kinds of traffic
>> with altq, traffic that is not bound to specific IP addresses, like
>> online radio?
>>
>
> Yes.
>
> Not altq (it is for QoS).
>
> But pf can of course. :)
>
> remoteip = "www.shoutcast.com"
> radioport = 554
> block quick out on fxp0 proto tcp from any to $remoteip port $radioport
>
> Here is an example for you to lift and plonk into your /etc/pf.conf. :)
>
> Best of luck!
>
> Obviously the IP and port are fictitious.
>
> This will block all the incoming traffic from any internal IP to the
> online radio service.
>
> Hope this helps.
>
> regards, Girish
> What is the port for online radio? Many use http. If you want to block
> RTSP, then I guess it should be 554

Thanks for your answer, although that's not quite what I'm looking for:

I know it's possible to 'shape' the traffic with altq, so it's possible in
theory to shape certain kinds of traffic to almost nihil. Smart devices
like packetshapers (and even some proxy appliances like Blue Coat) have
separate categories for streaming media, so I was wondering if PF and altq
could do the same.

Your solution works; however, you'll have to know what sites are being
visited in order to block them entirely.

Peter

-- 
http://www.boosten.org
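
An added example, not part of Peter's or Girish's messages: a pf.conf fragment that shapes instead of blocks traffic to the RTSP port mentioned in the thread, by assigning it to a small ALTQ queue. The gateway layout, the LAN interface name fxp1 and the bandwidth figures are assumptions, and the kernel is assumed to be built with ALTQ and CBQ support.

```conf
# Added example, not from the thread.
ext_if    = "fxp0"    # outward-facing interface, as in the quoted rule
int_if    = "fxp1"    # assumption: LAN-facing interface of the gateway
radioport = "554"     # RTSP, the port suggested in the thread

# ALTQ only queues packets that leave an interface, so stream data headed
# for LAN clients is shaped where it exits: on the internal interface.
# Bandwidth values are constructed for illustration.
altq on $int_if cbq bandwidth 100Mb queue { std, radio }
queue std   bandwidth 99%  cbq(default borrow)
queue radio bandwidth 64Kb cbq          # no "borrow": hard ceiling

# pf uses the last matching rule, so the general rules come first and the
# more specific radio rule follows them.
pass out on $ext_if from any to any keep state
pass in  on $int_if from $int_if:network to any keep state

# The rule that creates the state names the queue. Replies that match the
# state are placed in "radio" when they leave $int_if toward the client.
pass in  on $int_if proto tcp from $int_if:network to any port $radioport \
        keep state queue radio
```

Like the block rule quoted in the message, this classifies by destination port only, so streams carried over HTTP fall into the default queue.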