View Single Post
Old 4th December 2008
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Default

Quote:
Originally Posted by ivanatora View Post
I'm still wandering why (sic) queuing works for downloads (direction: <data> -> $ext_if -> $int_if -> <network>) while the rule is read in the opposite direction (from <network> to <data>). Can you put some light on that? What rule should I use if I want to limit upload speed?
Because...
Code:
pass in quick on $int_if \
 from <network> to <data> tag DO_NAT \
 keep state queue \
 data label "do_nat_data"
"keep state" sets up the return path INCLUDING, in your case, return path through your "queue." Your outbound packets establish state entry and the matching reply packets come through the state table entry, with your queue attached, and not the rules table.

/S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.

Last edited by s2scott; 4th December 2008 at 01:17 AM.
Reply With Quote