Hello again.
HereĀ“s a sample from my
systat queues
Code:
1 users Load 0.08 0.08 0.08 Thu Apr 14 01:00:13 2011
QUEUE BW SCH PRIO PKTS BYTES DROP_P DROP_B QLEN BORROW SUSPEN P/S B/S
root_em0 4000K hfsc 0 0 0 0 0 0 0 0
ack 800K hfsc 8 14 768 0 0 0 0 0
dns 200K hfsc 7 109 9470 0 0 0 0 0
ssh 1200K hfsc 6 0 0 0 0 0 0 0
ssh_login 600K hfsc 6 0 0 0 0 0 0 0
ssh_bulk 600K hfsc 5 0 0 0 0 0 0 0
main 800K hfsc 5 1 136 0 0 0 0 0
web 200K hfsc 4 8 5942 0 0 0 0 0
mail 200K hfsc 3 6 533 0 0 0 0 0
filetransfer 40000 hfsc 3 0 0 0 0 0 0 0
bruteforce 40000 hfsc 0 0 0 0 0 0 0
root_em1 30M hfsc 0 0 0 0 0 0 0 0
i_ack 6000K hfsc 8 0 0 0 0 0 0 0
i_dns 1500K hfsc 7 0 0 0 0 0 0 0
i_ssh 9000K hfsc 6 0 0 0 0 0 0 0
i_ssh_login 4500K hfsc 6 0 0 0 0 0 0 0
i_ssh_bulk 4500K hfsc 5 0 0 0 0 0 0 0
i_main 6000K hfsc 5 98 42088 0 0 0 0.2 37
i_web 1500K hfsc 4 0 0 0 0 0 0 0
i_mail 1500K hfsc 3 0 0 0 0 0 0 0
i_filetransfer 300K hfsc 3 0 0 0 0 0 0 0
Thanks for the heads up on the "
pass quick log inet proto tcp from <bruteforce> to any queue bruteforce"
I changed it to "
pass out quick log inet proto tcp to <bruteforce> queue bruteforce" i hope it will work as it should.
As you see from the
systat the outbound rules on $ext_if is working fine, but all traffic going out on the internal interface gets placed in the i_main queue (default).