Hello,

I am running FreeBSD 7 and I wanted to play around with ALTQ and PRIQ queuing. 
My goal was to have TCP ACKs that have no payload having the highest priority 
and then cod, dns, ssh in their own queues and everything else falling into 
the default queue.

Here is the config I came up with:

##################################################

#Macros

ext_if = "tun0"
cod_ports = "{28960:29000}"

##Tables

table <priv_net> { 192.168.0.0/24 }

##Options

##Scrub

scrub in all

##Queueing

altq on $ext_if priq bandwidth 400Kb queue { q_pri, q_def, q_cod, q_domain, q_ssh }

queue q_pri priority 10
queue q_cod priority 9
queue q_domain priority 8
queue q_ssh priority 7
queue q_def priority 1 priq(default)

##Translation
nat on $ext_if from <priv_net> to any -> ($ext_if)

##Filter Rules

#default to deny
block in log all

#allow loopback
pass quick on lo0 all

#Setup PRIQ Rules
pass out on $ext_if proto tcp from ($ext_if) to any queue (q_pri, q_def)
pass in  on $ext_if proto tcp from any to ($ext_if) queue (q_pri, q_def)

pass out quick on $ext_if proto udp from ($ext_if) to any port $cod_ports queue q_cod
pass in  quick on $ext_if proto udp from any to ($ext_if) port $cod_ports queue q_cod

pass out quick on $ext_if proto udp from ($ext_if) to any port domain queue q_domain
pass in  quick on $ext_if proto udp from any to ($ext_if) port domain queue q_domain

pass out quick on $ext_if proto tcp from ($ext_if) to any port ssh queue q_ssh
pass in  quick on $ext_if proto tcp from any to ($ext_if) port ssh queue q_ssh

#allow from fw to ext
pass out quick log on $ext_if proto tcp all
pass out quick log on $ext_if proto { udp, icmp } all

#allow from internal network out
pass quick log on $int_if proto tcp from <priv_net> to any
pass quick log on $int_if proto {udp, icmp } from <priv_net> to any

#########################################

As far as I can see it is working but I was hoping to get some input from the 
list.

Thanks
Rudi
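
An added example, not part of the original post: a small Python model of two pf behaviours this ruleset depends on, rule selection (last match wins, `quick` stops evaluation) and the two-queue form `queue (a, b)`, where pf assigns empty TCP ACKs and TOS lowdelay packets to the second queue. The `Rule` class, the helper names and the reduced rule list are constructed for illustration; state tracking, direction, addresses and icmp are left out.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass
class Rule:
    proto: str
    ports: Optional[range]            # destination ports, None = any port
    quick: bool
    queue: Optional[Tuple[str, str]]  # (first, second) queue; None = no queue keyword

def winning_rule(rules, proto, dport):
    """pf order: the last matching rule wins, a matching quick rule ends the scan."""
    winner = None
    for rule in rules:
        if rule.proto != proto:
            continue
        if rule.ports is not None and dport not in rule.ports:
            continue
        winner = rule
        if rule.quick:
            break
    return winner

def assign_queue(rule, empty_ack=False, lowdelay=False, default="q_def"):
    """With two queues, empty TCP ACKs and lowdelay packets use the second one."""
    if rule is None or rule.queue is None:
        return default                # traffic without a queue uses the default queue
    first, second = rule.queue
    return second if (empty_ack or lowdelay) else first

# Constructed model of the outbound $ext_if rules, in the order they are posted.
RULES = [
    Rule("tcp", None, False, ("q_pri", "q_def")),               # not quick
    Rule("udp", range(28960, 29001), True, ("q_cod", "q_cod")),
    Rule("udp", range(53, 54), True, ("q_domain", "q_domain")),
    Rule("tcp", range(22, 23), True, ("q_ssh", "q_ssh")),
    Rule("tcp", None, True, None),                              # quick, no queue
    Rule("udp", None, True, None),
]

def queue_for(proto, dport, rules=RULES, **flags):
    return assign_queue(winning_rule(rules, proto, dport), **flags)

if __name__ == "__main__":
    print("tcp/80 data      ->", queue_for("tcp", 80))
    print("tcp/80 empty ACK ->", queue_for("tcp", 80, empty_ack=True))
    print("tcp/22 empty ACK ->", queue_for("tcp", 22, empty_ack=True))
    print("first rule alone, empty ACK ->", assign_queue(RULES[0], empty_ack=True))
```

In this model the non-quick TCP rule is overridden by the later `quick` TCP rule that has no queue, and taken on its own `(q_pri, q_def)` sends empty ACKs to `q_def`; `pfctl -vsq` on the live system shows the per-queue packet counters to compare against.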
