From owner-freebsd-stable@FreeBSD.ORG Sun Oct 28 21:50:09 2007 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 32F7E16A418; Sun, 28 Oct 2007 21:50:09 +0000 (UTC) (envelope-from fb-stable@psconsult.nl) Received: from ps226.psconsult.nl (ps226.psconsult.nl [213.222.19.226]) by mx1.freebsd.org (Postfix) with ESMTP id B55EA13C480; Sun, 28 Oct 2007 21:50:08 +0000 (UTC) (envelope-from fb-stable@psconsult.nl) Received: from phuket.psconsult.nl (localhost [127.0.0.1]) by phuket.psconsult.nl (8.13.1/8.13.1) with ESMTP id l9SKkS2g004767; Sun, 28 Oct 2007 21:46:28 +0100 (CET) (envelope-from fb-stable@psconsult.nl) Received: (from paul@localhost) by phuket.psconsult.nl (8.13.1/8.13.1/Submit) id l9SKkSni004766; Sun, 28 Oct 2007 21:46:28 +0100 (CET) (envelope-from fb-stable@psconsult.nl) Date: Sun, 28 Oct 2007 21:46:27 +0100 From: Paul Schenkeveld To: freebsd-stable@freebsd.org, freebsd-pf@freebsd.org Message-ID: <20071028204627.GA4666@psconsult.nl> Mail-Followup-To: freebsd-stable@freebsd.org, freebsd-pf@freebsd.org References: <4724D6EE.6050004@amb.kiev.ua> <9a542da30710281214v79cd332fx69b8806db2895836@mail.gmail.com> <4724E460.1050309@amb.kiev.ua> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <4724E460.1050309@amb.kiev.ua> User-Agent: Mutt/1.5.6i Cc: Subject: Re: pf broken in 7.0-BETA1 ? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Oct 2007 21:50:09 -0000 On Sun, Oct 28, 2007 at 04:34:56PM -0300, Andrew Birukov wrote: > Ermal Luçi wrote: > >Try using > > > >pass out on $ext_if proto tcp from any to any tos 0x10 no keep state queue > >ssh > > > >and it should work as you expect! > > pf.conf > ------------------------------------------------------------------- > ext_if="xl0" > > altq on $ext_if priq bandwidth 520Kb queue { ssh, traf } > queue ssh priority 1 > queue traf priority 15 priq(default) > > pass in all > pass out all > > pass out on $ext_if proto tcp from any to any tos 0x10 no keep state > queue ssh > ------------------------------------------------------------------- > > # /etc/rc.d/pf restart > Disabling pf. > pf disabled > Enabling pf. > /etc/pf.conf:10: syntax error > pfctl: Syntax error in config file: pf rules not loaded > pf enabled > > Unfortunately syntax error... Should be "no state" according to pf.conf(5) > -- > Andrew Biriukov > amb@amb.kiev.ua Paul Schenkeveld