View Single Post
  #4   (View Single Post)  
Old 23rd August 2016
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
Join Date: May 2008
Location: USA
Posts: 6,611

You have two problems you must overcome. If you cannot overcome problem 1, there is no need to worry about problem 2.
  1. Instruct PF to recognize "watching video"

    Before you can shape traffic, you must be able to have PF recognize that traffic and distinguish it from any other traffic in your network.

    PF manages traffic by information available to the kernel about that traffic, found primarily in Layer 3 of the TCP/IP model: IP addresses, IP protocols, and TCP/UDP ports. However, none of this information directly relates to "watching video."

    There are many forms of "video streaming." Some are easy to distinguish from other traffic, such as IPTV multicast streaming to set top boxes. Other types of video traffic, such as HTML5 to a browser, cannot be distinguished from any other web traffic from Layer 3 information. It's TCP traffic from a server's source port 80 or 443.
  2. Unsupported software

    The subsystem for queing in OpenBSD 5.3 was called altq -- a new queuing system was implemented at OpenBSD 5.5, and altq was removed completely with OpenBSD 5.6. Your 5.3 pf.conf(5) man page discusses the altq queuing subsystem. But the FAQ and the PF Users Guide have moved on, and no longer do so.

    You can use cvs(1) to obtain a version of the FAQ and the PF User's Guide that matches your release, but it would likely be easier to move forward from your old, out-of-date OS than it would be to for you to try to do that.
If it helps, your "secure firewall" is missing 55 published security and reliability patches since support was dropped. Please, consider upgrading, or reinstalling.
Reply With Quote