From owner-freebsd-pf@FreeBSD.ORG Tue Sep 5 20:37:10 2006 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4D1DD16A4DE for ; Tue, 5 Sep 2006 20:37:10 +0000 (UTC) (envelope-from linux@giboia.org) Received: from nf-out-f131.google.com (nf-out-f131.google.com [64.233.182.131]) by mx1.FreeBSD.org (Postfix) with ESMTP id E4F0B43D78 for ; Tue, 5 Sep 2006 20:37:03 +0000 (GMT) (envelope-from linux@giboia.org) Received: by nf-out-f131.google.com with SMTP id x9so121591nfb for ; Tue, 05 Sep 2006 13:37:02 -0700 (PDT) Received: by 10.90.73.3 with SMTP id v3mr227093aga; Tue, 05 Sep 2006 13:37:01 -0700 (PDT) Received: by 10.90.120.19 with HTTP; Tue, 5 Sep 2006 13:37:01 -0700 (PDT) Message-ID: <6e6841490609051337g5e676e76iebc1e7dfb28a9f41@mail.gmail.com> Date: Tue, 5 Sep 2006 17:37:01 -0300 From: "Gilberto Villani Brito" To: freebsd-pf@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Subject: Re: pf+altq (all traffic are in queue default) X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Sep 2006 20:37:10 -0000 Hi, Try to use these rules: # pass out on xl0 proto tcp from $int_net to $ext_net port 80 queue www # pass out on xl0 proto tcp from $int_net to $ext_net port { 21, 20 } queue ftp # pass out on xl0 proto tcp from any to any port 22 queue(ssh_bulk, ssh_login) Gilberto 2006/8/31, Hajime : > Hello, > > I want to implement a pf+altq for traffic shaping with freebsd 5.4-Release. > I have done kernel compilation in my freebsd box for those pf and altq. > Then, my scenario is like this : > > My network : > external-network-----------------------rl0-FreeBSD-xl0-----------------------internal-network > 192.168.0.0/24 > 10.2.0.0/16 > > I want each http, ssh and ftp traffic going from external-network to > internal-network get 25% from total available bandwidth in xl0. > > This is my pf.conf : > > #Root Queue > altq on xl0 cbq bandwidth 10Mb queue { www, ftp, ssh, std } > > #Child Queue > queue www bandwidth 25% priority 2 cbq(borrow) > queue ftp bandwidth 25% priority 2 cbq(borrow) > queue ssh bandwidth 25% { ssh_login, ssh_bulk } > queue ssh_login bandwidth 25% priority 4 cbq(ecn) > queue ssh_bulk bandwidth 75% cbq(ecn) > queue std bandwidth 25% priority 3 cbq(default borrow) > > #Macros > ext_net = "192.168.0.0/24" > int_net = "10.2.0.0/16" > > #Filter rule > pass out on xl0 proto tcp from $ext_net to $int_net port 80 queue www > pass out on xl0 proto tcp from $ext_net to $int_net port { 21, 20 } queue > ftp > pass out on xl0 proto tcp from any to any port 22 queue(ssh_bulk, ssh_login) > > Then i test this configuration by generate traffic http, ftp, ssh, etc (the > traffic is going from external-network to internal-network). I saw pf status > with command "pfctl -vs all", all the traffic are in queue default, not in > the each queue ( for ftp, http, ssh etc). > Is there any mistake in my pf.conf? please help me. > > Thx > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >