pf and dummynet
mike tancsa
mike at sentex.net
Mon Jul 29 16:06:54 UTC 2019
I have a box I need to shape inbound and outbound traffic. It seems altq
can only shape outbound packets and not limit inbound ? If thats the
case, what is the current state of mixing ipfw, dummynet and pf ?
Writing large complex firewall rules works better from a readability POV
(for us anyways) so I really prefer to use it. But I need to prevent zfs
replication eating up BW over some WAN links, and dummynet seems to
"just work"
For ipfw I have
00010 6640359 9959147882 pipe 1 tcp from 192.168.128.0/20 to any
01000 3486901 228480912 allow ip from any to any
and then checking my pf.conf rules, it seems to block and pass traffic
as expected.
Is there anything I should explicitly check ?
---Mike
More information about the freebsd-pf
mailing list