On Thu, Jun 05, 2003 at 05:42:54PM +0159, Henning Brauer wrote:
> that's interesting. I have no tun/pppoe setup to test myself - mind
> sharing pf.conf/pfctl -gvsq/other relevant setup?
how troublesome. It now seems to work. and I am positive it didn't two
days ago. I can't see any diff between my conf two days ago and today's
one. The only thing I did is to reboot my gateway (been up 52 days) and
to restart pppoe after a phy pb on my ISP net.
I am dreaming... where is my fscking Reality(tm) pill? :)
---
output of 'pfctl -gvsq':
ttyp0:[EMAIL PROTECTED] [/etc]
19:08:53 {521}# pfctl -gvsq
queue pri priority 7
[ pkts: 1063 bytes: 51228 dropped pkts: 0 bytes:
0 ]
[ qlength: 0/ 50 ]
[ qid=8 ifname=tun0 ifbandwidth=100Kb ]
queue def priq( default )
[ pkts: 4925 bytes: 547214 dropped pkts: 0 bytes:
0 ]
[ qlength: 0/ 50 ]
[ qid=2 ifname=tun0 ifbandwidth=100Kb ]
---
loaded pf.conf:
###> MACROS
##> Interfaces
loop_if="lo0"
loop_addr="127.0.0.1"
dsl_if="tun0"
dsl_addr="62.212.99.171"
dmz_if="xl0"
dmz_addr="x.y.z.t"
internal_if="dc0"
internal_addr="a.b.c.d"
[snip]
###> QUEUING
altq on $dsl_if priq bandwidth 100Kb queue {pri def}
queue pri priority 7
queue def priority 1 priq(default)
[snip]
###> PACKET FILTERING
[snip]
#> SSH
pass in log quick on $dsl_if inet proto tcp \
from $admin_list to $dsl_addr \
port $sshport flags S/SAFRUP keep state \
label "[ssh] connections to zoe ($nr)" \
queue (def, pri)
[snip]
#> Internet Access
pass out quick on $dsl_if inet proto tcp \
from any to any \
modulate state \
queue (def, pri)
pass out quick on $dsl_if inet proto { udp , icmp } \
from any to any \
keep state \
queue (def, pri)
[snip]
---
--
Saad Kadhi -- [EMAIL PROTECTED] [EMAIL PROTECTED]
[pgp keyid: 35592A6D http://pgp.mit.edu]
[pgp fingerprint: BF7D D73E 1FCF 4B4F AF63 65EB 34F1 DBBF 3559 2A6D]
---
