Date: Thu, 09 Nov 2006 01:25:56 +0700 From: Muhammad Reza <beastie@mra.co.id> To: Gilberto Villani Brito <linux@giboia.org> Cc: "FreeBSD \(PF\)" <freebsd-pf@freebsd.org> Subject: Re: pf.conf + altq problem Message-ID: <1163010356.1504.46.camel@beastie.mra.co.id> In-Reply-To: <6e6841490611071141u2f1ad06apaa4542a94f8b786b@mail.gmail.com> References: <1162836051.23997.7.camel@beastie.mra.co.id> <6e6841490611071140u486d550bn8d3f3f0c40b6fd9@mail.gmail.com> <6e6841490611071141u2f1ad06apaa4542a94f8b786b@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
still not work with pass in rule.
add info with this rule set:
altq on xl1 bandwidth 100% cbq queue {int_out,dflt_out}
queue int_out bandwidth 3Mb
queue dflt_out bandwidth 16Kb cbq (default)
altq on xl2 bandwidth 100% cbq queue {int_in,dflt_in}
queue int_in bandwidth 3Mb
queue dflt_in bandwidth 16Kb cbq (default)
pass out log on xl1 from 172.16.0.228 to 202.57.14.1 keep state flags
S/SA queue (int_out)
pass out log on xl2 from 202.57.14.1 to 172.16.0.228 keep state flags
S/SA queue (int_in)
if i only enabled altq on in one interface only (xl1 or xl2) , traffic
limitation that i want is can be done.
Is there something that can be done with ALTQ and PF or my rule is
bad ???
please help me...
> Try this rules:
> pass in log on xl2 from 172.16.0.228 to 202.57.14.1 keep state flags
> S/SA queue (int_out)
> pass in log on xl2 from 172.16.0.228 to 202.57.14.1 keep state flags
> S/SA queue (int_in)
>
> Gilberto
>
>
> 2006/11/6, Muhammad Reza <beastie@mra.co.id>:
> > Dear All.
> >
> > I start with the simple rule set in my pf bridge machine to limit
> > bandwidth 3Mbps from my server on lan to internet and from internet to
> > my server on lan
> > this my setup:
> >
> > Internet ---xl1 xl2---LAN
> >
> > and my pf.conf
> >
> > lan="172.16.0.0/24"
> > #ALTQ at outgoing interface to limit traffic 3 MBps from lan to internet
> > altq on xl1 bandwidth 100% cbq queue {int_out,dflt_out}
> > queue int_out bandwidth 3Mb
> > queue dflt_out bandwidth 16Kb cbq (default)
> > #ALTQ at lan interface to limit traffic 3 MBps from internet to lan
> > altq on xl2 bandwidth 100% cbq queue {int_in,dflt_in}
> > queue int_in bandwidth 3Mb cbq (default)
> > queue dflt_in bandwidth 16Kb
> >
> > block on xl1
> > pass in on xl1 from any to $lan
> > pass out on xl1 from $lan to any
> > pass out log on xl1 from 172.16.0.228 to 202.57.14.1 keep state flags S/SA queue (int_out)
> >
> > block on xl2
> > pass in on xl2 from $lan to any keep state
> > pass out on xl2 from any to $lan keep state
> > #pass out log on xl2 from 202.57.14.1 to 172.16.0.228 keep state flags S/SA queue (int_in)
> >
> > I have done some test with iperf with no luck.
> > Is there something wrong with this rule set to acompilished my need ?
> > Please help
> >
> > Regards
> > Reza
> >
> >
> >
> > _______________________________________________
> > freebsd-pf@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
> >
> _______________________________________________
> freebsd-pf@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1163010356.1504.46.camel>