On Sun, May 07, 2006 at 03:31:22PM +0700, sugeng riadi wrote: > i want shaping trafik to client by port or aplication, but my config > not runing properly, > > the ftp package canot over from gw > > any one help me please..!!?? > > this my config
does the config load correctly? 'pfctl -nvf /etc/pf.conf' has no complaints? > block in on $int_if all <...> > block out on $int_if all change those to: block in log on $int_if all and block out log on $int_if all then tcpdump on 'pflog0' interface. pflogd will be running by default unless you turned it of with rc.conf/rc.conf.local, as long as pf=YES also during startup. after you start the tcpdump, attempt FTP again. if your ruleset is blocking you, it will show up in pflog. it should give you an idea of what kind of rule you would need to add. also, is there a chance that this is all you need? : http://openbsd.rt.fm/faq/pf/ftp.html -- jared [ openbsd 3.9-current GENERIC ( mar 15 ) // i386 ]
