[Bug 210924] 10.3-STABLE - PF - possible regression in pf.conf set timeout interval
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Jul 19 10:41:07 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210924
--- Comment #4 from Oliver Peter <lists at peter.de.com> ---
(In reply to Kristof Provost from comment #3)
Thanks, of course this is the better approach.
Looks good so far for me:
oliver at wayne pfctl % cat /etc/pf.conf
set timeout interval 5
altq on em0 hfsc bandwidth 1Mb queue { ftp, ssh, icmp, other }
queue ftp bandwidth 30% priority 0 hfsc (upperlimit 99%)
queue ssh bandwidth 30% priority 2 hfsc (upperlimit 99%)
queue icmp bandwidth 10% priority 2 hfsc (upperlimit 99%)
queue other bandwidth 30% priority 1 hfsc (default upperlimit 99%)
pass out quick on em0 inet proto tcp from any port 21 to any queue ftp
pass out quick on em0 inet proto tcp from any port 22 to any queue ssh
pass out quick on em0 inet proto icmp from any to any queue icmp
pass out quick on em0 all
pass keep state
oliver at wayne pfctl % sudo pfctl -f /etc/pf.conf
oliver at wayne pfctl % uname -a
FreeBSD wayne.lab.home.gfuzz.de 12.0-CURRENT FreeBSD 12.0-CURRENT #2
575d5bb(master)-dirty: Mon Jul 18 15:40:49 CEST 2016
root at wayne.lab.home.gfuzz.de:/usr/obj/usr/src/sys/WAYNE i386
However, since I'm not familiar with the new CODELQ syntax, I'm not able to do
extended tests. Perhaps you could point out some documentation as you
mentioned it has been imported into 10.3 already.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-pf
mailing list