From: "[LoN]Kamikaze"
Date: Mon, 12 Nov 2007 10:58:00 +0100
To: freebsd-questions@freebsd.org
Subject: Re: Quick question about PF and ALTQ

Peter Boosten wrote:
> On Mon, November 12, 2007 08:04, Girish Venkatachalam wrote:
>
>> Hope the above explanation suffices.
>
> Yup, it does. Very nice explanation, thanks.
>
>>
>> Can you clarify your needs a bit more?
>
> Well, it's actually quite simple: our internet access line, which is used
> by several people (directly, without a proxy server, but with a FreeBSD
> firewall). Our management wants to block unwanted traffic (so not: wants
> to block unwanted sites - which would be very easy), like p2p and online
> radio, since this traffic is:
> - non business related
> - bandwidth consuming
>
> Peter

You just drop all traffic except for that over wanted ports, such as for http, https, ftp, smtp, pop3, maybe some instant messengers...

That won't help against tunneling, though.
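
The default-deny policy described in the reply, written out as a PF ruleset. This is an added example, not part of the original post; the interface names, the LAN prefix, and the DNS and SSH rules are assumptions.

```conf
# /etc/pf.conf - constructed example for a NATing FreeBSD gateway.
# Interface names and the LAN prefix are assumptions; adjust to the site.
ext_if  = "em0"               # Internet-facing interface (assumed name)
int_if  = "em1"               # LAN-facing interface (assumed name)
lan_net = "10.0.0.0/24"       # constructed LAN prefix

# Ports named in the reply: http, https, ftp, smtp, pop3
tcp_ok  = "{ 80, 443, 21, 25, 110 }"

set skip on lo0
scrub in all

# Translate LAN sources to the gateway's external address
nat on $ext_if from $lan_net to any -> ($ext_if)

# Default deny in both directions; log drops to pflog0 for review
block log all

# Assumption: keep SSH to the gateway itself so loading the ruleset
# does not lock the administrator out
pass in quick on $int_if inet proto tcp from $lan_net to ($int_if) \
    port 22 flags S/SA keep state

# LAN clients may open connections only to the wanted TCP ports.
# Port 21 covers only the FTP control channel; data connections
# additionally need ftp-proxy(8).
pass in quick on $int_if inet proto tcp from $lan_net to any \
    port $tcp_ok flags S/SA keep state

# Assumption: DNS is not in the reply's list, but clients need resolution
pass in quick on $int_if inet proto { tcp, udp } from $lan_net to any \
    port 53 keep state

# Let flows accepted above (already NATed) and the gateway's own
# traffic leave on the external interface
pass out quick on $ext_if inet proto { tcp, udp } from ($ext_if) to any \
    keep state
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, and `tcpdump -n -e -ttt -i pflog0` shows what the `block log` rule is dropping. As the reply notes, a port allowlist does not stop traffic tunneled over the permitted ports.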