PF TOS and keep state
Andrew Birukov
amb at amb.kiev.ua
Sun Feb 10 08:47:27 PST 2008
I have 2 pf.conf - one of them is working properly, but another one is
not working at all. Could you please help me to explain why?
FreeBSD 7.0-RC2
This pf.conf is working fine.
--------------------------------------------------------
ext_if="xl0"
altq on $ext_if priq bandwidth 520Kb queue { traf, torrent, ssh}
queue torrent priority 0
queue traf priority 1 priq(default)
queue ssh priority 2
pass in on $ext_if all no state
pass out quick on $ext_if proto tcp from any to any port 22 \
no state queue ssh
pass out quick on $ext_if proto tcp from 10.15.25.2 to any tos 0x2 \
no state queue torrent
pass out on $ext_if all no state
----------------------------------------------------------
This pf.conf is not working properly. Queue torrent isn't matching packets.
----------------------------------------------------------
ext_if="xl0"
altq on $ext_if priq bandwidth 520Kb queue { traf, torrent, ssh}
queue torrent priority 0
queue traf priority 1 priq(default)
queue ssh priority 2
pass in on $ext_if all
pass out quick on $ext_if proto tcp from any to any port 22 \
queue ssh
pass out quick on $ext_if proto tcp from 10.15.25.2 to any tos 0x2 \
queue torrent
pass out on $ext_if all queue traf
-----------------------------------------------------------
I see the differens between those two pf.conf. The first one is not
using "keep state", the second is using it.
Is it possible to use both options "tos" and "keep state" at the same time?
--
Andrew Biriukov
amb at amb.kiev.ua
More information about the freebsd-pf
mailing list