Quick question about PF and ALTQ
Girish Venkatachalam
girishvenkatachalam at gmail.com
Mon Nov 12 03:03:06 PST 2007
On 14:03:29 Nov 11, Peter Boosten wrote:
> Hi all,
>
> One quick question: is it possible to filter specific kinds of traffic
> with altq, traffic that is not bound to specific IP addresses, like online
> radio?
>
Looks like I finally understood what you want.
You want to block the protocol from/to *any* IP address.
This is easily done.
block all
pass out all to { http smtp ftp }
This is a very "cruel" ruleset. :)
Instead you actually want this one.
nonbusiess= "{" 522 bittorrent ... "}"
block quick drop out all to port $nonbusiness
As you can see using pf, you can leave out anything.
That is the power of this marvelous creation.
It gives tremendous power to firewalls.
In fact I would venture to say it is the best software available for
firewalling functionality.
Best,
Girish
More information about the freebsd-questions
mailing list