I didn't want to open the new topic. I am trying to get better performance out of my laptop with altq. I was wondering if you guys could check out my pf.conf and comment on it.
Best,
OKO
Code:
ext_if="rl0"
tcp_services = "{imap, imaps, pop3s, smtp, 587,\
ntp, www, https}"
udp_services= "{ntp, rtsp}"
set require-order yes
set block-policy return
set optimization normal
set skip on lo
set loginterface $ext_if
scrub in all random-id fragment reassemble
scrub out all random-id fragment reassemble
altq on $ext_if priq bandwidth 256Kb queue { std_out, ssh_im_out, dns_out, \
tcp_ack_out }
queue std_out priq(default)
queue ssh_im_out priority 4 priq(red)
queue dns_out priority 5
queue tcp_ack_out priority 6
block log all
antispoof quick for { lo $ext_if }
block drop in quick from no-route to any
block drop in quick from urpf-failed to any
block drop in quick on $ext_if from any to 255.255.255.255
block drop in quick on $ext_if from { 10.0.0.0/8, 172.16.0.0/12, \
192.168.0.0/16, 255.255.255.255/32 } to any
pass out on $ext_if proto udp to any port $udp_services
pass out on $ext_if proto tcp to any port $tcp_services flags S/SA \
keep state queue(std_out, tcp_ack_out)
pass out on $ext_if inet proto { tcp udp } from any to any port domain \
keep state queue dns_out
pass out on $ext_if inet proto tcp from any to any port {ssh, sftp} \
flags S/SA keep state queue(std_out, ssh_im_out)