Newbie (Round II) ALTQ & pf

[Kenneth Kalmer]

Guys

Thanks for the replies on my previous post for links on pf and altq,
it really helped and I'm still reading up on some of the docs, very
interesting stuff.

I've got a Linux-based gateway that I'd like to try and replace with a
FreeBSD one, currently I use the following features in
iptables/iproute2 that I need to replace with pf/altq.

Traffic shaping is done using the HTB scheduler, it works much better
than CBQ (personal experience and the opinions in the LARTC list). I
need quite a complex hierarchy to get the desired results. I had a
look at HSFC and it appears to be more capable than HTB. Can anyone
confirm this for me?

Secondly, with iptables do MAC-based access control. I understand that
MAC addresses can be easily spoofed, but in this specific environment
the odds that somebody will do it is less than the Zimbabwean dollar
becoming the world currency. Also thrown in is a transparent squid
(seen this can be done) and some clever DNATting (playing with it
now).

Thanks in advance

-- 

Kenneth Kalmer
kenneth.kalmer at gmail.com

Folding at home stats
http://vspx27.stanford.edu/cgi-bin/main.py?qtype=userpage&username=kenneth%2Ekalmer