Date: Mon, 29 May 2006 19:10:00 -0300 From: gus <gus@clacso.edu.ar> To: "Peter N. M. Hansteen" <peter@bgnett.no> Cc: freebsd-pf@freebsd.org Subject: Re: pf configuration de Argentina Message-ID: <447B7138.9050009@clacso.edu.ar> In-Reply-To: <86irnrahoj.fsf@amidala.datadok.no> References: <4474CE3D.8050702@clacso.edu.ar> <86slmy1e28.fsf@amidala.datadok.no> <44775759.9080202@clacso.edu.ar> <86irnrahoj.fsf@amidala.datadok.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter
Thanks very much for the link..
Here my new file pf.conf
==================================================
ext_if="xl0" # replace with actual external interface name i.e., dc0
internal_net="168.96.200.0/24"
table <lan> { 168.96.200.9, 168.96.200.8, 168.96.200.54, 168.96.200.196 }
table <badboys> { 168.96.200.57, 168.96.200.87, 168.96.200.36 }
altq on $ext_if cbq bandwidth 1Mb queue { def, ftp, udp, http, ssh, \
icmp, lan, badboys }
queue def bandwidth 15% cbq (default borrow red)
queue ftp bandwidth 15% cbq (borrow red)
queue udp bandwidth 38% cbq (borrow red)
queue http bandwidth 10% cbq (borrow red)
#queue ssh bandwidth 20% cbq (borrow red) { ssh_interactive, ssh_bulk }
#queue ssh_interactive priority 7
#queue ssh_bulk priority 0
queue icmp bandwidth 2% cbq
queue lan bandwidth 10% priority 4 cbq (borrow red)
queue badboys bandwidth 10% priority 4 cbq (borrow red)
#pass log quick on $ext_if proto tcp from any to any port 22 flags S/SA \
keep state queue (ssh_bulk, ssh_interactive)
pass in quick on $ext_if proto tcp from any to any port 20 flags S/SA \
keep state queue ftp
pass in quick on $ext_if proto tcp from any to any port 80 flags S/SA \
keep state queue http
pass out on $ext_if proto udp all keep state queue udp
pass out on $ext_if proto icmp all keep state queue icmp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?447B7138.9050009>