Hi all,
I'm about to start using altq to limit the bandwidth for certain users
on my network.
I have a problem with some of my users that consume too much bandwidth.
My question is how to assign a pf rule to a certain queue ?
My (relevant parts of) pf.conf looks like this:
limited="10.0.0.2"
altq on $int_if bandwidth 98Mb hfsc queue { ack, ssh_in, thor, bulk}
queue ack bandwidth 30% priority 8 qlimit 500 hfsc (realtime
20%)
queue ssh_in bandwidth 10% priority 7 qlimit 500 hfsc
(realtime 20%) { ssh_in_login, ssh_in_bulk }
queue ssh_in_login bandwidth 40% priority 7 qlimit 500 hfsc
queue ssh_in_bulk bandwidth 40% priority 6 qlimit 500 hfsc
queue bulk bandwidth 54% priority 4 qlimit 500 hfsc (upperlimit
90% default, ecn)
queue thor bandwidth 1% priority 2 qlimit 500 hfsc
(upperlimit 1%)
pass out on $int_if from any to any queue (bulk)
pass out on $int_if proto tcp from any to $limited queue (thor)
The reason I ask is that "pfctl -sq -vv" show that all traffic hits the
"bulk" rule, even the traffic that goes to $limited.
It looks like a few packets hits the thor queue, but only a few.
If I download a centos dvd iso at the $limited PC, I get the full 90% of
the 98Mb bandwidth.
I expected it to use the thor queue and limit it at 1% of 98Mb.
Have I missed something basic ?
How should I write the queue rules to limit bw for certain users ?
Best regards,
Johan
