On 2/6/06, Mircea Stanciu <[EMAIL PROTECTED]> wrote:
> int_if="rl0"
> ext_if="rl1"
> internal_net="86.55.128.0/24"
>
> table <filtre> {86.55.128.2, 86.55.128.3, 86.55.128.4, 86.55.128.5,
> 86.55.128.6, 86.55.128.7, 86.55.128.8, 86.55.128.9, 86.55.128.10}
>
> scrub in all
>
> #ALTQ
> #altq on $int_if bandwidth 100Mb hfsc queue {probe}
> #queue probe bandwidth 100% hfsc(default realtime 192Kb upperlimit 192Kb)
>
> #FILTRE
> block drop all
>
> #LO0
> pass on lo0 all
> #ICMP
> pass in on $int_if inet proto icmp from $internal_net to any keep state
> pass out on $int_if inet proto icmp from any to $internal_net keep state
>
> pass in on $ext_if inet proto icmp from any to {$ext_if,$internal_net}
> keep state
> pass out on $ext_if inet proto icmp from {$ext_if,$internal_net} to any
> keep state
>
> #TCP/UDP
> pass in on $int_if inet proto {udp,tcp} from $internal_net to any keep state
> pass out on $int_if inet proto {udp,tcp} from any to $internal_net keep
> state
>
> pass in on $ext_if inet proto {tcp,udp} from any to
> {$internal_net,$ext_if} keep state
> pass out on $ext_if inet proto {tcp,udp} from {$internal_net,$ext_if} to
> any keep state
>
>
> ###filtre
> block in on $int_if inet proto {tcp, udp, icmp} from <filtre> to any
>
> ---------
>
> Daca "decomentez" altq ... moare ping din $internal_net catre
> calculatorul acesta de tot.
> vanguard wrote:
>
> >posteaza te rog tot pf.conf
> >
> >vanguard
> >
> >
> >
>
>
>
ce traffic inregistrezi pe acest queue ?vanguard
