From owner-freebsd-pf@FreeBSD.ORG  Tue Jun 19 11:51:14 2007
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 83CBE16A46B
	for <freebsd-pf@freebsd.org>; Tue, 19 Jun 2007 11:51:14 +0000 (UTC)
	(envelope-from rob@techniumcast.com)
Received: from smtp.techniumcast.net (smtp.techniumcast.net [194.74.204.204])
	by mx1.freebsd.org (Postfix) with ESMTP id 5302513C457
	for <freebsd-pf@freebsd.org>; Tue, 19 Jun 2007 11:51:14 +0000 (UTC)
	(envelope-from rob@techniumcast.com)
Received: from [10.1.32.11] (penguin.techniumcast.net [10.1.32.11])
	by smtp.techniumcast.net (Postfix) with ESMTP id BF99D120B8F
	for <freebsd-pf@freebsd.org>; Tue, 19 Jun 2007 12:34:34 +0100 (BST)
Message-ID: <4677BF4A.8000601@techniumcast.com>
Date: Tue, 19 Jun 2007 12:34:34 +0100
From: Rob Shepherd <rob@techniumcast.com>
User-Agent: Thunderbird 2.0.0.0 (X11/20070423)
MIME-Version: 1.0
To: freebsd-pf@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: firewalling and ALTQ
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jun 2007 11:51:14 -0000

Dear freebsd firewallers,

I've just installed FreeBSD with a view to making a traffic shaping, or 
essentially transfer capacity limiting device.

This must sit on bridged interfaces between org and edge outers.

I'm having some difficulty working out which bits I need, which packet 
filter to use and how to get started.

The appears to be 3 packet filters

pf,ipf,ipfw

is this right? ALTQ works with each?

additionaly, I don't seem to have any /dev/ entries

croesor# pfctl -v
pfctl: /dev/pf: No such file or directory
croesor# ipfstat
open(IPSTATE_NAME): No such file or directory
croesor# ipf -V
ipf: IP Filter: v4.1.13 (528)
open device: No such file or directory

I'd like some pointers to get me on track please.

There are many tutorials, but It's impossible to know what is the 
current supported filter package, what works best with bridging and ALTQ 
   and how to test them when there's bit's missing.

Cheers

Rob

-- 
Rob Shepherd BEng PhD | Computer and Network Engineer | CAST Ltd
Technium CAST | LL57 4HJ | http://www.techniumcast.com
rob@techniumcast.com | 01248 675024 | 077988 72480