PF + ALTQ... help please!!

Marcelo Celleri marceloc at espoltel.net
Wed Nov 30 23:57:40 GMT 2005 

There is a little more:

int_if="em1"

altq on $int_if bandwidth 100Mb cbq queue { std, uees, lnaval, tes,
ecomundo, montepiedra, offset, \
        andec, copol, asuncion, umetro, calcivar, corpecuador, ststeban,
extradio, capig, oxxo, ryc, \
        esmena, marianitas, diteca, canizares, codelfos, metain, nnuu,
cyber, antena3, stabarbara, \
        maqhensa, agarcia, pymes256_n3, pymes256_n4, pymes128, residencial,
marcelo  }

queue std bandwidth 10.0Mb cbq(default)

#Then for each one of the subqueues:

queue marcelo bandwidth 128Kb cbq { gold, silver, default }
        queue gold bandwidth 70% priority 3 cbq(borrow red)
        queue silver bandwidth 20% priority 2 cbq(borrow red)
        queue default bandwidth 10% cbq(borrow)


#These are the rules:

pass in on $int_if from any to xxx.xxx.xxx.xxx keep state queue default
pass in on $int_if proto { tcp } from any port { 25,110 } to xxx.xxx.xxx.xxx
keep state queue silver
pass in on $int_if proto { tcp } from any port { 22,53,80,443  } to
xxx.xxx.xxx.xxx keep state queue gold



On 11/30/05, Marcelo Celleri <marceloc at espoltel.net> wrote:
> $int_if="em1"
> queue marcelo bandwidth 128Kb cbq { gold, silver, default }
>         queue marcelo1 bandwidth 70% priority 3 cbq(borrow red)
>         queue marcelo2 bandwidth 20% priority 2 cbq(borrow red)
>         queue marcelodf bandwidth 10% cbq(borrow)

You've omitted a lot of the pf.conf file. The only thing I can suggest
is that you name the sub-queues (marcelo1/2/df) the same as what the
queue expects them to be named (gold/silver/default).

Like this:
altq on em0 cbq bandwidth 100Mb queue { default_ext, throttle_ext }
queue default_ext bandwidth 40Mb qlimit 1000 priority 5 cbq(default red ecn)
queue throttle_ext bandwidth 64Kb priority 1 cbq(red ecn)

> pass in on $int_if proto { udp,tcp } from any port 53 to 200.49.242.42
keep
> state queue gold

Not actually having defined a gold queue, that does nothing.




-- 
Este mensaje ha sido analizado por el antivirus de ESPOLTEL S.A.
en busca de virus y otros contenidos peligrosos,
y se considera que está limpio.

More information about the freebsd-pf mailing list