I would like to know if anyone knows how to do the following.
I have a FreeBSD 8 gateway with 2 interfaces em0 and em1, which both have altq queues defined for low and high priority packets.
I would like to have for instance all data for http, both incoming and outgoing, to be using the low priority queue.
If I do:
this will not do the right job, since 'keep state' prevents pf from examining the return packets.
I can add a 'no state' to the rules, but I think that might not be the right answer.
What would happen if I tag the connections and use multiple pass rules with a different queue, like:
Thanks,
Adri.
I have a FreeBSD 8 gateway with 2 interfaces em0 and em1, which both have altq queues defined for low and high priority packets.
I would like to have for instance all data for http, both incoming and outgoing, to be using the low priority queue.
If I do:
Code:
pass out on em0 proto tcp from any to any port 80 queue low_out
pass out on em1 proto tcp from any port 80 to any queue low_inthis will not do the right job, since 'keep state' prevents pf from examining the return packets.
I can add a 'no state' to the rules, but I think that might not be the right answer.
What would happen if I tag the connections and use multiple pass rules with a different queue, like:
Code:
pass in on em0 proto tcp from any to any port 80 flags S/SA tag LOW
pass out on em0 tag LOW queue low_out
pass out on em1 tag LOW queue low_inThanks,
Adri.