From owner-freebsd-pf@FreeBSD.ORG Sun Oct 28 23:37:24 2007 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 03A8F16A418; Sun, 28 Oct 2007 23:37:24 +0000 (UTC) (envelope-from amb@amb.kiev.ua) Received: from simmts5-srv.bellnexxia.net (simmts5.bellnexxia.net [206.47.199.163]) by mx1.freebsd.org (Postfix) with ESMTP id 0C31313C4BB; Sun, 28 Oct 2007 23:37:22 +0000 (UTC) (envelope-from amb@amb.kiev.ua) Received: from amb.homeunix.org ([156.34.188.4]) by simmts5-srv.bellnexxia.net (InterMail vM.5.01.06.13 201-253-122-130-113-20050324) with ESMTP id <20071028233719.UWWX9038.simmts5-srv.bellnexxia.net@amb.homeunix.org>; Sun, 28 Oct 2007 19:37:19 -0400 Received: from server.amb.kiev.ua ([10.15.25.2] helo=amb.kiev.ua) by amb.homeunix.org with esmtp (Exim 4.68 (FreeBSD)) (envelope-from ) id 1ImHgw-000AAA-4P; Sun, 28 Oct 2007 20:37:14 -0300 Message-ID: <47251D29.4020702@amb.kiev.ua> Date: Sun, 28 Oct 2007 20:37:13 -0300 From: Andrew Birukov User-Agent: Thunderbird 2.0.0.6 (X11/20070803) MIME-Version: 1.0 To: Abdullah Ibn Hamad Al-Marri References: <216439.6336.qm@web33706.mail.mud.yahoo.com> In-Reply-To: <216439.6336.qm@web33706.mail.mud.yahoo.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-SA-Exim-Connect-IP: 10.15.25.2 X-SA-Exim-Rcpt-To: wearabnet@yahoo.ca, freebsd-stable@freebsd.org, freebsd-pf@freebsd.org X-SA-Exim-Mail-From: amb@amb.kiev.ua X-SA-Exim-Scanned: No (on amb.homeunix.org); SAEximRunCond expanded to false Cc: freebsd-stable@freebsd.org, freebsd-pf@freebsd.org Subject: Re: pf broken in 7.0-BETA1 ? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Oct 2007 23:37:24 -0000 Abdullah Ibn Hamad Al-Marri wrote: > ----- Original Message ---- >> From: Andrew Birukov >> To: Ermal Luçi >> Cc: freebsd-stable@freebsd.org; freebsd-pf@freebsd.org >> Sent: Sunday, October 28, 2007 10:34:56 PM >> Subject: Re: pf broken in 7.0-BETA1 ? >> >> Ermal Luçi wrote: >>> Try using >>> >>> pass out on $ext_if proto tcp from any to any tos 0x10 no keep >> state >> > queue ssh >>> and it should work as you expect! >> pf.conf >> ------------------------------------------------------------------- >> ext_if="xl0" >> >> altq on $ext_if priq bandwidth 520Kb queue { ssh, traf } >> queue ssh priority 1 >> queue traf priority 15 priq(default) >> >> pass in all >> pass out all >> >> pass out on $ext_if proto tcp from any to any tos 0x10 no keep state >> queue ssh >> ------------------------------------------------------------------- >> >> # /etc/rc.d/pf restart >> Disabling pf. >> pf disabled >> Enabling pf. >> /etc/pf.conf:10: syntax error >> pfctl: Syntax error in config file: pf rules not loaded >> pf enabled >> >> Unfortunately syntax error... >> >> >> -- >> Andrew Biriukov >> amb@amb.kiev.ua > > > Is this related to your problem? > > http://www.nabble.com/Suggestion-with-patch%2C-change-PF-TOS-matching-to-bitmask-tf4697797.html It is not related, but interesting for me. I am going to try this patch. Thank you! -- Andrew Biriukov amb@amb.kiev.ua