From owner-freebsd-pf@FreeBSD.ORG Wed Jul 23 19:35:30 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DA4CF1065671 for ; Wed, 23 Jul 2008 19:35:30 +0000 (UTC) (envelope-from portcitycs@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.179]) by mx1.freebsd.org (Postfix) with ESMTP id 947668FC0C for ; Wed, 23 Jul 2008 19:35:29 +0000 (UTC) (envelope-from portcitycs@gmail.com) Received: by py-out-1112.google.com with SMTP id p76so1848116pyb.10 for ; Wed, 23 Jul 2008 12:35:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type:references; bh=kuYxaJ/2ZigMz3VnZ13R176BvoSTca/iO3i7WzFEtxA=; b=LJ7LQDWqXWxelq67EixZ2+L8SfkaK7jndPc+fecNjRg/Qer8gKqVNl8Q+nmJNeIfVJ 9P3WQ2YeUlPkNNi+fipGoj+Qwrk6pnVXnAKUx+nG4f2PXU86xsGBLHcg2LDyYFvGjS6e qGAaJEEH+SLhi8ejd3UA7L6TAaNGySaOgOqdg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=tLnnNohq3lQ0YgcqywfoPTVdvgfvQ0zltqbQQ6qCvnVjHg5cmd50mDQzGu2LYP+8+o 0qabp41r09Y0YOVx7KzWJaPhWn06n6fXe6VilXep4StHME2ZPQDKoqqFuVGQAqxXaLVi QtAx0kwGCYKxN9SLyc7S1PbVgVN8PhM6pS1cQ= Received: by 10.142.134.17 with SMTP id h17mr35675wfd.346.1216840248048; Wed, 23 Jul 2008 12:10:48 -0700 (PDT) Received: by 10.142.238.10 with HTTP; Wed, 23 Jul 2008 12:10:48 -0700 (PDT) Message-ID: <5a1835cd0807231210h14b580cfy51e823df486ae61f@mail.gmail.com> Date: Wed, 23 Jul 2008 15:10:48 -0400 From: "Lyle Scott III" To: freebsd-pf@freebsd.org In-Reply-To: <3A0AA7018522134597ED63B3B794C92A027402C3@STA-HQ-S001.starcomms.local> MIME-Version: 1.0 References: <8dfae1c10807230603o1060aa69jc9ccf2e4bc66f275@mail.gmail.com> <3A0AA7018522134597ED63B3B794C92A027402C3@STA-HQ-S001.starcomms.local> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: Limiting client bandwidth with PF X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jul 2008 19:35:31 -0000 I have used PF for a few years on various servers and would like to play with ALTQ functionality (finally have some time!), yet I read about quite a few 'bugs' with pf/altq ... Should I even bother? It is posts such as these that are quite discouraging! (not hating on poster :) ) I think FreeBSD is the greatest OS ever and I love the functionality (and syntax) of PF... and would love to see ALTQ throw in to the mix. On Wed, Jul 23, 2008 at 10:51 AM, Catalin Miclaus wrote: > Hello Walter, > > There are some open bugs for pf with altq. > You may want to consider ipfw and pipes to achieve same. > > > > > > > > > > Best Regards > Catalin Miclaus > Network/Security ISP-Data > Starcomms Ltd. > > -----Original Message----- > From: owner-freebsd-pf@freebsd.org [mailto:owner-freebsd-pf@freebsd.org] > On Behalf Of Walter Venable > Sent: Wednesday, July 23, 2008 2:04 PM > To: freebsd-pf@freebsd.org > Subject: Limiting client bandwidth with PF > > Hi all, I'm having some trouble getting pf to do what I want. > I'm a newbie to pf, so I can't get my configuration quite right. > > We have a 3Mb/1Mb connection and I want to limit my clients each to > 128Kbps/64Kbps. > > First things first, limit them to 128Kbps, but that isn't even working, > as > clients are still maxing at 3Mbps: > > $ cat /etc/pf.conf > int_if="rl0" > ext_if="nfe0" > int_net="192.168.2.0/24" > > altq on $ext_if hfsc bandwidth 3Mb queue { clients } > queue clients bandwidth 128Kb hfsc ( default rio ) > pass in quick log on $int_if proto tcp from $int_net to any \ > flags S/SA keep state queue clients > > $ sudo pfctl -sq > queue root_nfe0 on nfe0 bandwidth 3Mb priority 0 {clients} > queue clients on nfe0 bandwidth 128Kb hfsc( rio default ) > > Can anyone say why this isn't working? More info about the network if > you > need it: > > Internet -- Router (192.168.1.1) -- (nfe0 @ 192.168.1.200 ) FreeBSD > Gateway > (rl0 @ 192.168.2.1) -- switch -- Clients (192.168.2.0/24) > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > > DISCLAIMER: The information contained in this message (including any > attachments) is confidential and may be privileged. If you have received it > by mistake please notify the sender by return e-mail and permanently delete > this message and any attachments from your system. Any form of > dissemination, use, review, distribution, printing or copying of this > message in whole or in part is strictly prohibited if you are not the > intended recipient of this e-mail. Please note that e-mails are susceptible > to change. STARCOMMS PLC shall not be liable for the improper or incomplete > transmission of the information contained in this communication nor for any > delay in its receipt or damage to your system. STARCOMMS PLC does not > guarantee that the integrity of this communication has been maintained or > that this communication is free of viruses, interceptions or interferences. > STARCOMMS PLC reserves the right to monitor all e-mail communications, > whether related to the business of STARCOMMS or not, through its internal or > external networks. > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > -- Lyle Scott, III http://www.lylescott.ws