Hi! I have try for several days to achieve the following goal with PF but
failed repeatedly, have read all the docs also, especially this
http://www.openbsd.org/faq/pf/queueing.html
The goal is: To be able to set dowload/upload speeds to PC's on the lan, so
far i have succed in setting dowload speeds for PC's but no luck with
upload.
In the above example i'm trying to set the dowload/upload speed to 64Kb to
pc 192.168.100.106.
Any hints, help on how to get the upload thing going?
The box runs 3.9, two interfaces, one for internet, second for lan. doing
basic natting.
Thanks.
# macros
ext_if="dc0" =
int_if="vr1"
tcp_services="{ 22, 113 }"
icmp_types="echoreq"
pc="192.168.100.106"
# options
set block-policy return
set loginterface $ext_if
set skip on lo
# scrub
scrub in
# queue
altq on $ext_if cbq bandwidth 256Kb queue { stdout pcout }
queue stdout bandwidth 192Kb cbq(default)
queue pcout bandwidth 64Kb cbq
altq on $int_if cbq bandwidth 100% queue { stdin pcin }
queue stdin bandwidth 192Kb cbq(default)
queue pcin bandwidth 64Kb cbq
# nat/rdr
nat on $ext_if from !($ext_if) -> ($ext_if:0)
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
rdr on $ext_if proto tcp from any to any port 80 -> $comp3
# filter rules
block in
pass out keep state
anchor "ftp-proxy/*"
antispoof quick for { lo $int_if }
pass in on $ext_if inet proto tcp from any to ($ext_if) \
port $tcp_services flags S/SA keep state
pass in on $ext_if inet proto tcp from any to $comp3 port 80 \
flags S/SA synproxy state
pass in inet proto icmp all icmp-type $icmp_types keep state
pass on $int_if
pass out on $int_if from any to $pc queue pcin
#pass in on $ext_if from $pc to any queue pcout --> I know, wrong ;)
