You can mix ipfw and pf, but beware of the order they are loaded (The first one loaded is inside the second one loaded) – it may be better in fact to compile them both in the kernel.
You basically end up with: (pf)(ipfw)(system)(ipfw)(pf) – assuming pf was loaded first Sent from Mail for Windows 10 From: mike tancsa Sent: 29 July 2019 17:06 To: freebsd-pf@freebsd.org Subject: pf and dummynet I have a box I need to shape inbound and outbound traffic. It seems altq can only shape outbound packets and not limit inbound ? If thats the case, what is the current state of mixing ipfw, dummynet and pf ? Writing large complex firewall rules works better from a readability POV (for us anyways) so I really prefer to use it. But I need to prevent zfs replication eating up BW over some WAN links, and dummynet seems to "just work" For ipfw I have 00010 6640359 9959147882 pipe 1 tcp from 192.168.128.0/20 to any 01000 3486901 228480912 allow ip from any to any and then checking my pf.conf rules, it seems to block and pass traffic as expected. Is there anything I should explicitly check ? ---Mike _______________________________________________ freebsd-pf@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org" _______________________________________________ freebsd-pf@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
