Hi,
I have a firewall system that has outbound altq traffic shaping that is working fine. I would like to have traffic shaping on the on downstream traffic also. I assume this can be done in the internal interface when the traffic is going outside from the internal interface. The upload altq is on the external interface traffic going outside from the external interface.
These are the rules that I've configured to the firewall:
(I have written these rules based on the upload traffic shping rules)
All traffic is caught by the "in_std" -queue that is the last rule. There is no http or dns traffic allthough I generate http and dns traffic while testing. Any help?
I have a firewall system that has outbound altq traffic shaping that is working fine. I would like to have traffic shaping on the on downstream traffic also. I assume this can be done in the internal interface when the traffic is going outside from the internal interface. The upload altq is on the external interface traffic going outside from the external interface.
These are the rules that I've configured to the firewall:
(I have written these rules based on the upload traffic shping rules)
Code:
###inbound altq
pass quick on $int_if inet proto { tcp udp } from ($ext_if) port domain queue (in_dns)
pass quick on $int_if inet proto tcp from ($ext_if) port 22 to any queue(in_ssh)
pass quick on $int_if inet proto tcp from ($ext_if) port $im to any queue(in_services)
pass quick on $int_if inet proto icmp from ($ext_if) to any queue(in_ping)
pass quick on $int_if proto tcp from ($ext_if) to any queue(in_http, in_acks) tagged HTTP
pass quick on $int_if inet proto tcp from ($ext_if) port $torrent_orja to any queue (in_torrent)
pass quick on $int_if inet proto udp from ($ext_if) port $torrent_orja to any queue (in_torrent)
pass quick on $int_if inet proto tcp from ($ext_if) to any flags S/SA queue(in_acks)
pass quick on $int_if inet proto tcp from ($ext_if) port $steam_tcp to any queue(in_high)
pass quick on $int_if inet proto udp from ($ext_if) port $steam_udp to any queue(in_high)
pass quick on $int_if inet proto tcp from ($ext_if) port $ps3_tcp to any queue(in_high)
pass quick on $int_if inet proto udp from ($ext_if) port $ps3_udp to any queue(in_high)
pass on $int_if inet from any to any queue(in_std)
All traffic is caught by the "in_std" -queue that is the last rule. There is no http or dns traffic allthough I generate http and dns traffic while testing. Any help?