Ondra Knezour píše v st 13. 01. 2010 v 15:35 +0100:
> Dne 13.1.2010 14:46, Radek Valášek napsal(a):
> #Upload na venkovní em1
> altq on em1 hfsc bandwidth 2Mb queue {pc_up, def_up}
> queue pc_up bandwidth 768Kb hfsc (realtime 32Kb upperlimit 512Kb)
> queue def_up bandwidth 128Kb hfsc(default realtime 32Kb upperlimit
> 128Kb)
>
> #Download na vnitřní em0
> altq on em0 hfsc bandwidth 2Mb queue {pc_down, def_down}
> queue pc_down bandwidth 768Kb hfsc ( realtime 32Kb upperlimit (
> 1024Kb, 15000, 512Kb ))
> queue def_down bandwidth 128Kb hfsc(ecn red default realtime 32Kb
> upperlimit 128Kb)
>
>
> #Stávající varianta filtrování, kdy už zkouším, co mě napadne
> block log all
> pass out log on em0 from any to 10.200.11.10 queue pc_down no state
> pass out log on em1 from 10.200.11.10 to any queue pc_up no state
> pass log quick on em1 from any to 10.200.11.10 keep state
> pass in log quick on em0 proto tcp from 10.200.11.10 to any modulate
> state flags S/SAFR
> pass in log quick on em0 from 10.200.11.10 to any keep state
>
zkus tohle
pass in on emO from 10.200.11.10 to any tag PC_OUT queue pc_down
pass in on em1 from any to 10.200.11.10 tag PC_IN queue pc_up
pass out on em0 tagged PC_IN queue pc_down
pass out on em1 tagged PC_OUT queue pc_up
--
Michal
--
FreeBSD mailing list (users-l@freebsd.cz)
http://www.freebsd.cz/listserv/listinfo/users-l
