19.05.2016 23:16, Radek Krejča wrote:
on $ext_if proto { tcp, udp } from 192.168.52.0/24
Why?
Is there any nat rule?

And second problem - how to set up (on which interface) altq queues?
You should use outgoing interface.


Hello,
here is the relevant part of my pf.conf

ext_if          =       "ext0"
int_if          =       "int0"

scrub all fragment reassemble no-df

altq on $ext_if cbq bandwidth 1Gb queue { \
     pokus,          \
     pokus_default        \
}

queue pokus bandwidth 10Mb cbq (red)
queue pokus_default bandwidth 600Mb cbq (default, borrow, red)

nat on $ext_if from "192.168.150.0/24"     -> $ext_addr

# This is working rule
#block quick proto { tcp, udp } from 192.168.52.0/24

# This is not working
pass in quick on $ext_if from 192.168.52.0/24 queue pokus

# This doesn't match to
# block quick on $ext_if proto { tcp, udp } from 192.168.52.0/24
Incoming traffic flow: state table -> rdr rules -> filter rules.
Outgoing traffic flow: state table -> nat rules -> filter rules.
I assume your "int_if" has the 192.168.52.0/24 net configured. If so, the nat rule changes the source address and your filter rule should be:
pass out quick on $ext_if from $ext_addr ...

Or you could change nat rule:
nat *pass* on $ext_if from 192.168.150.0/24 -> $ext_addr


On this BSD box there are 74 VLANs on int_if and I need to shape traffic for all of them.

Thank you very much.
Radek
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[email protected]"
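
The outbound order described in the reply above (nat rules, then filter rules), as an added example that is not part of the original thread: a simplified Python model showing which source address a filter rule on $ext_if actually sees. It ignores the state table and treats every rule as `quick`; `203.0.113.1` is a constructed stand-in for `$ext_addr`, and the function and variable names are hypothetical.

```python
# Simplified model (added example) of pf's outbound order on $ext_if:
# nat rules first, then filter rules against the translated packet.
from ipaddress import ip_address, ip_network

EXT_ADDR = ip_address("203.0.113.1")      # constructed stand-in for $ext_addr
NAT_SRC = ip_network("192.168.150.0/24")  # source network of the thread's nat rule


def outbound(src, filter_rules, nat_pass=False):
    """Return (source address the filter sees, label of the first matching rule).

    filter_rules is a list of (label, network) pairs, all treated as
    'quick' rules on $ext_if out. The label is "nat pass" when the nat rule
    carries 'pass' (filter rules skipped) and "no match" when nothing matches.
    """
    addr = ip_address(src)
    if addr in NAT_SRC:
        addr = EXT_ADDR              # translation happens before filtering
        if nat_pass:
            return addr, "nat pass"
    for label, net in filter_rules:
        if addr in net:
            return addr, label
    return addr, "no match"


# Two candidate filter rules: one written against the pre-NAT network,
# one written against the translated address.
RULES = [
    ("from 192.168.150.0/24", ip_network("192.168.150.0/24")),
    ("from $ext_addr", ip_network("203.0.113.1/32")),
]

if __name__ == "__main__":
    # Constructed sample sources: two inside the nat rule's network,
    # one from a network the nat rule as posted does not cover.
    for src, nat_pass in [("192.168.150.10", False),
                          ("192.168.150.10", True),
                          ("192.168.52.10", False)]:
        seen, rule = outbound(src, RULES, nat_pass)
        print(f"{src:15} nat_pass={nat_pass!s:5} filter sees {seen} -> {rule}")
```

The rule written against the pre-NAT network never matches a translated packet, which is why the reply suggests matching on `$ext_addr` or using `nat pass`.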
