Hi tech@.
This is on 5.4-stable. vlan is only used to see what resulting prio is.
The ruleset:
---
ext_if="em0"
int_if="vlan2525"
set skip on { lo enc0 em1 }
block log all
#match on { $int_if } inet proto icmp all icmp-type echoreq set prio 5
pass quick on { $ext_if, $int_if }
---
The vlan:
---
vlan2525: flags=28843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,NOINET6> mtu 1500
lladdr 00:1a:4a:a8:0a:8c
description: LAN
priority: 0
vlan: 2525 parent interface: em1
groups: vlan
status: active
inet 192.168.100.1 netmask 0xffffff00 broadcast 192.168.100.255
---
Pinging 192.168.100.2 (which is behind vlan2525) gives expected result:
23:51:02.154928 802.1Q vid 2525 pri 3 192.168.100.1 > 192.168.100.2:
icmp: echo request
23:51:02.155313 802.1Q vid 2525 pri 3 192.168.100.2 > 192.168.100.1:
icmp: echo reply
prio is set to 3 according to documentation.
Now, after I uncomment match rule and ping 192.168.100.2, the result is:
23:54:02.865267 802.1Q vid 2525 pri 0 192.168.100.1 > 192.168.100.2:
icmp: echo request
23:54:02.865485 802.1Q vid 2525 pri 0 192.168.100.2 > 192.168.100.1:
icmp: echo reply
prio 0 is somewhat unexpected.
Am I doing something wrong?
Cheers,
Alexey
