I try with this pf.conf and the ssh interactive packets still go to the
ExtInAck queue but the bulk ssh packets go to the right queue (sshbulkext)
I can't figure out why...
ext_if="xl0"
scrub in log all
altq on $ext_if hfsc bandwidth 2000Kb queue { default-Ext-In, sshExtInObsd,
httpExtInObsd, ExtInAck}
queue default-Ext-In bandwidth 20% hfsc(red linkshare 20% default) priority
1
queue sshExtInObsd bandwidth 10% hfsc(red realtime 100Kb) { sshinteractext,
sshbulkext }
queue sshinteractext bandwidth 50% priority 7 hfsc(red)
queue sshbulkext bandwidth 50% priority 1 hfsc(red)
queue httpExtInObsd bandwidth 10% hfsc(red linkshare 10%)
queue ExtInAck bandwidth 10% hfsc(red realtime 100Kb)
pass quick on lo0 all
block in log all
pass out on $ext_if keep state
pass in on $ext_if proto tcp to ($ext_if) port ssh keep state queue
(sshbulkext sshinteractext)
pass in on $ext_if proto tcp to ($ext_if) port 80 keep state queue
(httpExtInObsd ExtInAck)
----- Original Message -----
From: "Joachim Schipper" <[EMAIL PROTECTED]>
To: <misc@openbsd.org>
Sent: Friday, January 12, 2007 3:41 PM
Subject: Re: HFSC and SSH bug ?
> On Fri, Jan 12, 2007 at 03:23:15PM +0100, [EMAIL PROTECTED] wrote:
>> I try to use HFSC on a gateway to queue packets.
>> SSH packets never go to the right queue, always in the default queue.
>>
>> I test with this little pf.conf on a single interface machine and face
the
>> same problem. http packets go to the right queue ssh always to the
default
>> queue !! Any idea ?
>
>> pass in on $ext_if proto tcp to ($ext_if) port ssh keep state queue
>> (sshbulkext sshinteractext)
>> pass in on $ext_if proto tcp to ($ext_if) port 80 keep state queue
>> (httpExtInObsd ExtInAck)
>>
>> pass out on $ext_if keep state
>
> pf(4) will work with the *last* matching rule, not the first. (Add
> 'quick' to your rules, or reverse the order of the rules.)
>
> This is actually very useful, but can be confusing the first (couple of)
> time(s).
>
> Joachim
