[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PF NAT altq

To: Stephen Flanagan <sflanagan@flanagannetworks.com>
Subject: Re: PF NAT altq
From: Leo Galambos <leog@centrum.cz>
Date: Mon, 09 Feb 2004 19:51:26 +0100
Cc: misc@openbsd.org
References: <40279B85.30701@centrum.cz> <4027C300.4060608@flanagannetworks.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; cs-CZ; rv:1.6) Gecko/20040113

I'm sorry, but I cannot see any missing parts...yes, the variables are 
not set (I did copy the important lines only), but you can see, that 
queue limit is set, nat is active, outgoing packets should be pass 
through altq and due to keep state, I hope, the incoming stream is 
limited as well...

Cheers,
Leo

Stephen Flanagan napsal(a):

> I saw in comparison to the example that you were missing some elements 
> of configuration..
> take a second look.
> http://www.openbsd.org/faq/pf/queueing.html#example2
>
> Leo Galambos wrote:
>
>> Hi,
>>
>> I would like to limit the bandwith consumed by my NAT clients. 
>> Unfortunately, if I use the configuration presented below, they can 
>> still run at full speed (10Mbps). I guess, I missed some point in the 
>> PF guide, but I cannot find the bug in my PF rules. Can you help me, 
>> please?
>>
>> Thank you.
>> Leo
>>
>> # uname -a
>> OpenBSD fw.egothor.org 3.4 GENERIC#18 i386
>>
>> nat on $ext_if from $internal_net to any -> ($ext_if)
>>
>> altq on $ext_if bandwidth 40Kb cbq queue { outpipe }
>> queue outpipe bandwidth 100% cbq(default)
>> block in log all
>> pass  quick on lo0 all keep state
>> pass  out on $ext_if inet proto { tcp, udp, icmp } all keep state 
>> queue outpipe

References:
- PF NAT altq
  - From: Leo Galambos <leog@centrum.cz>
- Re: PF NAT altq
  - From: Stephen Flanagan <sflanagan@flanagannetworks.com>

Prev by Date: Re: tunnel notification: NO PROPOSAL CHOSEN
Next by Date: Re: tunnel notification: NO PROPOSAL CHOSEN
Prev by thread: Re: PF NAT altq
Next by thread: changing port numbers of sendmail
Index(es):
- Date
- Thread