From owner-freebsd-pf@freebsd.org  Thu May 19 14:52:56 2016
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8551CB42BBE
 for <freebsd-pf@mailman.ysv.freebsd.org>; Thu, 19 May 2016 14:52:56 +0000 (UTC)
 (envelope-from bsd-lists@bsdforge.com)
Received: from udns.ultimatedns.net (static-24-113-41-81.wavecable.com
 [24.113.41.81])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 68E1012D7
 for <freebsd-pf@freebsd.org>; Thu, 19 May 2016 14:52:55 +0000 (UTC)
 (envelope-from bsd-lists@bsdforge.com)
Received: from ultimatedns.net (localhost [127.0.0.1])
 by udns.ultimatedns.net (8.14.9/8.14.9) with ESMTP id u4JEqrGB029431
 for <freebsd-pf@freebsd.org>; Thu, 19 May 2016 07:53:00 -0700 (PDT)
 (envelope-from bsd-lists@bsdforge.com)
To: <freebsd-pf@freebsd.org>
In-Reply-To: <262ED41F8198C0409ACB79946570FFCD1AA134055F@EXCHANGE.mail.starnet.cz>
References: <262ED41F8198C0409ACB79946570FFCD1AA134055F@EXCHANGE.mail.starnet.cz>
From: "Chris H" <bsd-lists@bsdforge.com>
Subject: Re: Traffic shaping incomming traffic for all vlans
Date: Thu, 19 May 2016 07:53:00 -0700
Content-Type: text/plain; charset=UTF-8; format=fixed
MIME-Version: 1.0
Message-id: <45be7d98e5354bd4e299479c15d944f0@ultimatedns.net>
Content-Transfer-Encoding: 8bit
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 19 May 2016 14:52:56 -0000

On Thu, 19 May 2016 11:48:28 +0200 Radek Krejča <radek.krejca@starnet.cz>
wrote

> Hello,
> 
> I have freebsd router with pf for NAT and firewall. There are 2 NICs, one for
> incomming traffic from internet and second for traffic to clients. On
> internal NIC are a lot of vlans. 
>
> I need to make traffic shaping for all users based on src ip from internet.
> But I have problem, it doesnt work. 
>
> Working rule for block all traffic is:
> 
> block quick proto { tcp, udp } from 192.168.52.0/24 
> 
> but the same rule with externa nic dosnt match: block quick on $ext_if proto
> { tcp, udp } from 192.168.52.0/24 Why?
> 
> And second problem - how to set up (on which interface) altq queues?
Hello, Radek.
I think better context is needed here, before anyone can provide a
reasonably intelligent answer/solution for you. In other words, can you provide
at *least* the relevant sections of your configuration(s)?

--Chris