Date: Mon, 12 Dec 2005 03:28:49 +0900 (JST) From: Hideki Yamamoto <yamamoto436@oki.com> To: david@wombatsweb.com Cc: freebsd-pf@freebsd.org Subject: Re: if_bridge + altq (CBQ) Message-ID: <20051212.032849.74738118.yamamoto436@oki.com> In-Reply-To: <20051211.233101.98871433.yamamoto436@oki.com> References: <20051211.073952.74741466.yamamoto436@oki.com> <439C293E.8050500@wombatsweb.com> <20051211.233101.98871433.yamamoto436@oki.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Dear Davide and others, I have one question about PF for IPv6. On the manual page of pf.conf, the following sentence appears: Currently, only IPv4 fragments are supported and IPv6 fragments are blocked unconditionally. However in the source tree, it seems that IPv6 fragment may be supported. I wonder if anyone knows IPv6 fragment packet are supported or not. Regards, Hideki Yamamoto From: Hideki Yamamoto <yamamoto436@oki.com> Subject: Re: if_bridge + altq (CBQ) Date: Sun, 11 Dec 2005 23:31:01 +0900 (JST) Message-ID: <20051211.233101.98871433.yamamoto436@oki.com> > > Dear David, > > Thank you for your reply. After sending my question to ML, I have > found that I did not write "pass .... queue ... " on /etc/pf.conf. > I had written the port definitions for queue in /etc/services instead > of /etc/pf.conf. As it is Sunday today, I will try your suggestion > tomorrow. > > Regards, > > Hideki Yamamoto > > > From: David Pierron <david@wombatsweb.com> > Subject: Re: if_bridge + altq (CBQ) > Date: Sun, 11 Dec 2005 08:27:26 -0500 > Message-ID: <439C293E.8050500@wombatsweb.com> > > > Hideki Yamamoto on 12/10/2005 5:39 PM wrote: > > > > >I am trying the packect shaping by CBQ of altq on FBSD6 box. The box is configured as bridge by if_bridge kernel configuration. The target packet is UDP on IPv6. Though I wrote output port number of the udp packet on /etc/services and wrote CBQ shaping rule on /etc/pf.conf, the shaping rule about each port number are not applied to the packet, so only default rule are applied. > > > > > >My question is: can pf especially altq work with bridge function? If so, which bridge function, BRIDGE, if_bridge, ng_brige, is OK? > > > > > I am running if_bridge on FBSD 6.0 and have successfully run CBQ and > > HFSC on the bridge ... > > > > Do you have: > > > > net.link.bridge.pfil_member=1 # enables packet filtering on in and out interfaces > > > > specified in /etc/sysctl.conf? It's quite possible this is necessary for ALTQ to access the "out" on the $xx_if of the bridge ... > > > > Keep in mind that if you use the queue on a "pass" rule, ALTQ will apply to the "out" of that rule ... > > > > HTH > > > > > > _______________________________________________ > > freebsd-pf@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051212.032849.74738118.yamamoto436>