PF + ALTQ... help please!!
Marcelo Celleri
marceloc at espoltel.net
Wed Nov 30 23:57:40 GMT 2005
There is a little more:
int_if="em1"
altq on $int_if bandwidth 100Mb cbq queue { std, uees, lnaval, tes,
ecomundo, montepiedra, offset, \
andec, copol, asuncion, umetro, calcivar, corpecuador, ststeban,
extradio, capig, oxxo, ryc, \
esmena, marianitas, diteca, canizares, codelfos, metain, nnuu,
cyber, antena3, stabarbara, \
maqhensa, agarcia, pymes256_n3, pymes256_n4, pymes128, residencial,
marcelo }
queue std bandwidth 10.0Mb cbq(default)
#Then for each one of the subqueues:
queue marcelo bandwidth 128Kb cbq { gold, silver, default }
queue gold bandwidth 70% priority 3 cbq(borrow red)
queue silver bandwidth 20% priority 2 cbq(borrow red)
queue default bandwidth 10% cbq(borrow)
#These are the rules:
pass in on $int_if from any to xxx.xxx.xxx.xxx keep state queue default
pass in on $int_if proto { tcp } from any port { 25,110 } to xxx.xxx.xxx.xxx
keep state queue silver
pass in on $int_if proto { tcp } from any port { 22,53,80,443 } to
xxx.xxx.xxx.xxx keep state queue gold
On 11/30/05, Marcelo Celleri <marceloc at espoltel.net> wrote:
> $int_if="em1"
> queue marcelo bandwidth 128Kb cbq { gold, silver, default }
> queue marcelo1 bandwidth 70% priority 3 cbq(borrow red)
> queue marcelo2 bandwidth 20% priority 2 cbq(borrow red)
> queue marcelodf bandwidth 10% cbq(borrow)
You've omitted a lot of the pf.conf file. The only thing I can suggest
is that you name the sub-queues (marcelo1/2/df) the same as what the
queue expects them to be named (gold/silver/default).
Like this:
altq on em0 cbq bandwidth 100Mb queue { default_ext, throttle_ext }
queue default_ext bandwidth 40Mb qlimit 1000 priority 5 cbq(default red ecn)
queue throttle_ext bandwidth 64Kb priority 1 cbq(red ecn)
> pass in on $int_if proto { udp,tcp } from any port 53 to 200.49.242.42
keep
> state queue gold
Not actually having defined a gold queue, that does nothing.
--
Este mensaje ha sido analizado por el antivirus de ESPOLTEL S.A.
en busca de virus y otros contenidos peligrosos,
y se considera que está limpio.
More information about the freebsd-pf
mailing list