pf+altq (all traffic are in queue default)

Gilberto Villani Brito linux at giboia.org
Tue Sep 5 20:37:10 UTC 2006 

Hi,
Try to use these rules:
# pass out on xl0 proto tcp from $int_net to $ext_net port 80 queue www
# pass out on xl0 proto tcp from $int_net to $ext_net port { 21, 20 } queue ftp
# pass out on xl0 proto tcp from any to any port 22 queue(ssh_bulk, ssh_login)

Gilberto


2006/8/31, Hajime <tohajime at gmail.com>:
> Hello,
>
> I want to implement a pf+altq for traffic shaping with freebsd 5.4-Release.
> I have done kernel compilation in my freebsd box for those pf and altq.
> Then, my scenario is like this :
>
> My network  :
> external-network-----------------------rl0-FreeBSD-xl0-----------------------internal-network
>                        192.168.0.0/24
> 10.2.0.0/16
>
> I want each http, ssh and ftp traffic going from external-network to
> internal-network get 25%  from total available bandwidth in xl0.
>
> This is my pf.conf :
>
> #Root Queue
> altq on xl0 cbq bandwidth 10Mb queue { www, ftp, ssh, std }
>
> #Child Queue
> queue www bandwidth 25% priority 2 cbq(borrow)
> queue ftp bandwidth 25% priority 2 cbq(borrow)
> queue ssh bandwidth 25% { ssh_login, ssh_bulk }
>   queue ssh_login bandwidth 25% priority 4 cbq(ecn)
>   queue ssh_bulk bandwidth 75% cbq(ecn)
> queue std bandwidth 25% priority 3 cbq(default borrow)
>
> #Macros
> ext_net = "192.168.0.0/24"
> int_net = "10.2.0.0/16"
>
> #Filter rule
> pass out on xl0 proto tcp from $ext_net to $int_net port 80 queue www
> pass out on xl0 proto tcp from $ext_net to $int_net port { 21, 20 } queue
> ftp
> pass out on xl0 proto tcp from any to any port 22 queue(ssh_bulk, ssh_login)
>
> Then i test this configuration by generate traffic http, ftp, ssh, etc (the
> traffic is going from external-network to internal-network). I saw pf status
> with command "pfctl -vs all", all the traffic are in queue default, not in
> the each queue ( for ftp, http, ssh etc).
> Is there any mistake in my pf.conf? please help me.
>
> Thx
> _______________________________________________
> freebsd-pf at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"
>

More information about the freebsd-pf mailing list