* Axel Rau <axel....@chaos1.de> [2015-02-16 14:34]: > I failed to setup a queue on outgoing esp traffic and noticed that the rule > counters are all 0 and do not advance: > > @155 pass out quick on vlan2 inet proto esp from any to <road_worrier_nets:8> > set ( queue vpn ) keep state (if-bound) > [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 > ] > [ Inserted: uid 0 pid 28769 State Creations: 0 ]
this pretty damn certainly means that your traffic doesn't match that rule. There is no proto specific handling at that stage. and... pass in on egress proto esp all [ Evaluations: 47477 Packets: 2949816 Bytes: 1681517248 States: 1 ] [ Inserted: uid 0 pid 11764 State Creations: 12 ] -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS. Virtual & Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
