Date: Sun, 28 Oct 2007 20:37:13 -0300 From: Andrew Birukov <amb@amb.kiev.ua> To: Abdullah Ibn Hamad Al-Marri <wearabnet@yahoo.ca> Cc: freebsd-stable@freebsd.org, freebsd-pf@freebsd.org Subject: Re: pf broken in 7.0-BETA1 ? Message-ID: <47251D29.4020702@amb.kiev.ua> In-Reply-To: <216439.6336.qm@web33706.mail.mud.yahoo.com> References: <216439.6336.qm@web33706.mail.mud.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Abdullah Ibn Hamad Al-Marri wrote:
> ----- Original Message ----
>> From: Andrew Birukov <amb@amb.kiev.ua>
>> To: Ermal Luçi <ermal.luci@gmail.com>
>> Cc: freebsd-stable@freebsd.org; freebsd-pf@freebsd.org
>> Sent: Sunday, October 28, 2007 10:34:56 PM
>> Subject: Re: pf broken in 7.0-BETA1 ?
>>
>> Ermal Luçi wrote:
>>> Try using
>>>
>>> pass out on $ext_if proto tcp from any to any tos 0x10 no keep
>> state
>>
> queue ssh
>>> and it should work as you expect!
>> pf.conf
>> -------------------------------------------------------------------
>> ext_if="xl0"
>>
>> altq on $ext_if priq bandwidth 520Kb queue { ssh, traf }
>> queue ssh priority 1
>> queue traf priority 15 priq(default)
>>
>> pass in all
>> pass out all
>>
>> pass out on $ext_if proto tcp from any to any tos 0x10 no keep state
>> queue ssh
>> -------------------------------------------------------------------
>>
>> # /etc/rc.d/pf restart
>> Disabling pf.
>> pf disabled
>> Enabling pf.
>> /etc/pf.conf:10: syntax error
>> pfctl: Syntax error in config file: pf rules not loaded
>> pf enabled
>>
>> Unfortunately syntax error...
>>
>>
>> --
>> Andrew Biriukov
>> amb@amb.kiev.ua
>
>
> Is this related to your problem?
>
> http://www.nabble.com/Suggestion-with-patch%2C-change-PF-TOS-matching-to-bitmask-tf4697797.html
It is not related, but interesting for me.
I am going to try this patch.
Thank you!
--
Andrew Biriukov
amb@amb.kiev.ua
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47251D29.4020702>