Quick question about PF and ALTQ

Matthew Seaman m.seaman at infracaninophile.co.uk
Sun Nov 11 11:17:06 PST 2007



Peter Boosten wrote:
> On Sun, November 11, 2007 15:43, Girish Venkatachalam wrote:
>> On 14:03:29 Nov 11, Peter Boosten wrote:
>>
>>> Hi all,
>>>
>>>
>>> One quick question: is it possible to filter specific kinds of traffic
>>> with altq, traffic that is not bound to specific IP addresses, like
>>> online radio?
>>>
>> Yes.
>>
>>
>> Not altq (it is for QoS).
>>
> 
> the OpenBSD site mentions 'Class Based Queueing' on this page:
> http://www.openbsd.org/faq/pf/queueing.html
> 
> There's some 'example' that userB might get 250K for 'audio', however the
> entire page fails to explain how this could be done. Maybe someone on this
> list got it running...

If you can identify the traffic by the means available to you
provided by pf(4) then, yes certainly you can use ALTQ or other
means to control the bandwidth permitted for that traffic.

It's a big /if/ however.  pf(4) works at layers 2 and 3 -- that
is, it looks only at packet headers -- MAC addresses, IP addresses,
TCP flags etc.  It knows nothing of the protocol specific stuff
that requires inspection of packet contents.

In general, in order to control traffic by inspection of packet
contents you will need to implement some sort of protocol specific
proxy.  I'm afraid I know virtually nothing of the sort of
protocols used to transmit on-line radio, but I'm assuming that they
are of more general use than just on-line radio -- so you need to
inspect the contents in order to distinguish exactly what it is.
(By analogy: you couldn't just block all web traffic because most
of it is legitimate, but you can block images containing substantial
areas of skin tones...)

So your question now becomes two:

   * What software is available to proxy this on-line radio
     traffic?
and 

   * Can I distinguish the on-line radio traffic from other uses
     of the same protocol?

Without a bit more information about exactly what you're dealing
with, it is impossible for those questions to be answered.

However, given that you can identify the appropriate proxy software,
you can possibly use pf(4) to implement transparent proxying.  There
are any number of articles on the web about transparent proxying of
HTTP traffic with squid and pf that Google can find for you.  By
adapting that approach you may be able to apply the same concept to
your traffic.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW
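Added example, not part of the original message or of the OpenBSD FAQ: a pf.conf fragment (ALTQ syntax of that era) for the case where the stream can be identified from header fields alone. The interface name em0, the 2Mb link speed and TCP port 8000 are assumptions; the 250Kb figure is taken from the 'audio' example quoted above.

```pf
# Constructed example. em0, 2Mb and port 8000 are assumptions.
ext_if      = "em0"
stream_port = "8000"     # assumed port of the streaming service

# CBQ parent queue on the interface, divided into two child queues.
# Child bandwidths must not add up to more than the parent's.
altq on $ext_if cbq bandwidth 2Mb queue { std, audio }
queue std   bandwidth 1750Kb cbq(default borrow)
queue audio bandwidth 250Kb  cbq     # no "borrow": capped at 250Kb

# pf uses the last matching rule, so the general rule comes first.
# Rules that name no queue place their traffic in the default queue.
pass out on $ext_if all keep state

# Classification by header fields only: protocol and destination port.
pass out on $ext_if proto tcp from any to any port $stream_port \
    keep state queue audio
```

ALTQ schedules only packets leaving the interface it is attached to, so limiting the downloaded stream itself means attaching the queues to the interface facing the listeners. If the stream shares a port with other traffic, this rule cannot tell the two apart.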

