eculp wrote:
I don't remember why but for some reason I have the idea that pf+altq is not bidirectional. Am I mistaken?
no solution that does not involve cooperation from your upstream connection(s) is truly bidirectional. it is easy to limit/shape your outbound traffic. on the other hand it is difficult if not impossible to unilaterally control the amount or sources of inbound data arriving at your border router(s) on it's way to various applications (mail servers, for example). you can _pretend_ to by dropping, queuing or otherwise limiting it once inside your network, but you cannot meaningfully prevent it from using your downlink bandwidth and potentially crowding out other, possibly more desirable, inbound data. _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
