to shape incoming packets

M

maslakyavuz

I use pf, altq, transparent squid, nat. It works. Squid works on 127.0.0.1:3128. I wish to shape incoming packets in pf, but I can't see properly. I don't use a bridge.
How can I do that?
 
As far as I know you can only shape outgoing traffic, not incoming.

You can limit the amount of incoming connections but that's an entirely different story.
 
maslakyavuz said:
I use pf, altq, transparent squid, nat. It works. Squid works on 127.0.0.1:3128. I wish to shape incoming packets in pf, but I can't see properly. I don't use a bridge.
How can I do that?
Click to expand...

You can't shape incoming traffic. That's because shaping requires queuing to store packets, which is something not normally done on incoming interface. Only policing can be done on incoming interface.

Shape outbound on your inside connection for returning packets - this creates the illusion of shaping inbound on outside interface:

Code: 
-----internet---[PF]---------->
                    ^
                    |
                    | shape outbound here
 
You must log in or register to reply here.
Back
Top