Re: Connmark target

2009-06-06 Thread István
I guess you might want to tag that dscp enabled packets -because pf has no support for that at the moment, at least i cannot see- and put them into the queue based on the tag. http://www.openbsd.org/faq/pf/queueing.html#assign Regards, Istvan O

Re: Connmark target

2009-06-06 Thread vila
unfortunately that would not help me because the whole traffic is all originated from a single IP address (proxy) so i can not distinguish between them (that is why i use dscp marks) even if i could achieved this, there is still the issue about selecting incoming packets accordingly and dire

Re: Connmark target

2009-06-06 Thread vila
István ha escrito: Hi! In general it is a very bad idea to use the same way what you have been using before when you are moving to a new platform. You wouldn't use bash to manage win2k8 servers, just to give you an example what I am talking about. The question is: What do you want to do with

Re: Connmark target

2009-06-06 Thread vila
Ermal Luçi ha escrito: On Sat, Jun 6, 2009 at 6:49 PM, wrote: Vlad Galu ha escrito: On Sat, Jun 6, 2009 at 5:57 AM, wrote: Hi folks! I´m trying to figure out if there is a way to make connection marking in a similar way as the iptables´s CONNMARK target does? Does pf supports this fea

Re: Connmark target

2009-06-06 Thread Ermal Luçi
On Sat, Jun 6, 2009 at 6:49 PM, wrote: > Vlad Galu ha escrito: > >> On Sat, Jun 6, 2009 at 5:57 AM, wrote: >>> >>> Hi folks! >>> >>> I´m trying to figure out if there is a way to make connection marking in >>> a >>> similar way as the iptables´s CONNMARK target does? >>> >>> Does pf supports thi

Re: Connmark target

2009-06-06 Thread vila
Vlad Galu ha escrito: On Sat, Jun 6, 2009 at 5:57 AM, wrote: Hi folks! I´m trying to figure out if there is a way to make connection marking in a similar way as the iptables´s CONNMARK target does? Does pf supports this feature? My intentions are to tag an outgoing packet, transfer the tag