pf.conf + altq problem

Muhammad Reza beastie at
Wed Oct 11 21:16:15 PDT 2006

Dear list. 

My pf.conf  not working.
I have pf in bridge machine with xl2 to internet firewall and xl1 to
internal switch. Bridging is ok.

This my simple pf.conf

altq on xl1 bandwidth 100% cbq queue {me,dflt}

queue me        bandwidth 8Kb
queue dflt      bandwidth 16Kb cbq  (default)

block log on {xl1,xl2} all

pass out log on xl1 from $me to any  keep state
pass log on xl2 from $me to any keep state queue (me)

This rule is match when i try to connect to iperf server 

# tcpdump -nett -i pflog0 | grep
tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: listening on pflog0, link-type PFLOG
1160655756.150048 rule 3/(match) pass in on xl2: > [|tcp] (DF)
1160655756.150059 rule 2/(match) pass out on xl1: > [|tcp] (DF)

But iperf tell me that this connection is 24.4 Kbits/Sec. (more than

[root at beastie beastie]# iperf -c
Client connecting to, TCP port 5001
TCP window size: 16.0 KByte (default)
[  3] local port 44408 connected with port
[  3]  0.0-16.1 sec  48.0 KBytes  24.4 Kbits/sec

I'm expecting that iperf report it equal with the bandwidth that i
assign to (me) queue pipe.
Is there any thing wrong or i missed something here ???
Please help me


More information about the freebsd-questions mailing list