Date: Tue, 5 Sep 2006 17:37:01 -0300 From: "Gilberto Villani Brito" <linux@giboia.org> To: freebsd-pf@freebsd.org Subject: Re: pf+altq (all traffic are in queue default) Message-ID: <6e6841490609051337g5e676e76iebc1e7dfb28a9f41@mail.gmail.com> In-Reply-To: <d2cee1fc0608310131n6744ffa3la9a4ac55407eee8d@mail.gmail.com> References: <d2cee1fc0608310131n6744ffa3la9a4ac55407eee8d@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
Try to use these rules:
# pass out on xl0 proto tcp from $int_net to $ext_net port 80 queue www
# pass out on xl0 proto tcp from $int_net to $ext_net port { 21, 20 } queue ftp
# pass out on xl0 proto tcp from any to any port 22 queue(ssh_bulk, ssh_login)
Gilberto
2006/8/31, Hajime <tohajime@gmail.com>:
> Hello,
>
> I want to implement a pf+altq for traffic shaping with freebsd 5.4-Release.
> I have done kernel compilation in my freebsd box for those pf and altq.
> Then, my scenario is like this :
>
> My network :
> external-network-----------------------rl0-FreeBSD-xl0-----------------------internal-network
> 192.168.0.0/24
> 10.2.0.0/16
>
> I want each http, ssh and ftp traffic going from external-network to
> internal-network get 25% from total available bandwidth in xl0.
>
> This is my pf.conf :
>
> #Root Queue
> altq on xl0 cbq bandwidth 10Mb queue { www, ftp, ssh, std }
>
> #Child Queue
> queue www bandwidth 25% priority 2 cbq(borrow)
> queue ftp bandwidth 25% priority 2 cbq(borrow)
> queue ssh bandwidth 25% { ssh_login, ssh_bulk }
> queue ssh_login bandwidth 25% priority 4 cbq(ecn)
> queue ssh_bulk bandwidth 75% cbq(ecn)
> queue std bandwidth 25% priority 3 cbq(default borrow)
>
> #Macros
> ext_net = "192.168.0.0/24"
> int_net = "10.2.0.0/16"
>
> #Filter rule
> pass out on xl0 proto tcp from $ext_net to $int_net port 80 queue www
> pass out on xl0 proto tcp from $ext_net to $int_net port { 21, 20 } queue
> ftp
> pass out on xl0 proto tcp from any to any port 22 queue(ssh_bulk, ssh_login)
>
> Then i test this configuration by generate traffic http, ftp, ssh, etc (the
> traffic is going from external-network to internal-network). I saw pf status
> with command "pfctl -vs all", all the traffic are in queue default, not in
> the each queue ( for ftp, http, ssh etc).
> Is there any mistake in my pf.conf? please help me.
>
> Thx
> _______________________________________________
> freebsd-pf@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6e6841490609051337g5e676e76iebc1e7dfb28a9f41>