Thank you Daniel for reply,
Daniel Hartmeier ([email protected]) [11.04.11 09:18] wrote:
> On Mon, Apr 11, 2011 at 08:45:44AM +0300, Zeus V Panchenko wrote:
> It seems you want log(all), but are only using log, see pf.conf(5):
it didn't help ...
pftop output still shows no lan_http counters and when i download from
inet anything it eats all bandwidth ...
in pf.conf
pass out log (all) on $if_wan inet proto { tcp, udp } from $if_wan:0 \
to any port { $ports_proxy } keep state queue wan_http
pass out log (all) on $if_lan inet proto { tcp, udp } from any port {
$ports_proxy } \
to $if_lan:network queue lan_http
squid is bent to $if_lan:0 and in logs i see the activity (LAN browses inet
successfully)
if i tcpdump $if_lan i can see that, but it looks like it is passing by the
queue ... why?
in pftop output:
pfTop: Up Queue 1-6/6, View: queue, Cache: 10000
10:59:55
QUEUE BW SCH PRIO PKTS BYTES DROP_P
DROP_B QLEN BORROW SUSPEN P/S B/S
root_tun0 1000K cbq 0 12270 1429980 0
0 0 0 0 23 1867
wan_http 150K cbq 2 4180 512946 0
0 0 0 29 0 0
wan_rest 850K cbq 8090 917034 0
0 0 0 0 23 1867
root_ale0 100M cbq 0 11789 9982786 0
0 0 0 0 16 21739
lan_http 2000K cbq 2 0 0 0
0 0 0 0 0 0
lan_rest 98M cbq 13469 11810110 0
0 0 0 1073 38 43015
--
Zeus V. Panchenko
IT Dpt., IBS ltd GMT+2 (EET)
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[email protected]"
