View Single Post
  #3   (View Single Post)  
Old 28th October 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

I've pulled in a real example -- my son's Torrent use on our home network. We have a 100Mbit LAN, and our Internet service is 12Mb/2Mb. Here is the queue definition, I give him no more than 50% of the Internet connection, if bandwidth needs to be constrained. Note I limit him to 6Mb on the outbound traffic to the internal network:
Code:
####################################
### traffic shaping

altq on $external_nic cbq bandwidth 2Mb queue {std-out, torrent-out}
queue std-out on $external_nic bandwidth 1Mb cbq (borrow, default)
queue torrent-out on $external_nic bandwidth 1Mb cbq (borrow,ecn)
altq on $internal_nic cbq bandwidth 100Mb queue {std-in, torrent-in}
queue std-in on $internal_nic bandwidth 94Mb cbq (borrow, default)
queue torrent-in on $internal_nic bandwidth 6Mb cbq (borrow, ecn)
My applicable pass and match rules are next. I'm using -current, so the rules are a little different than PF for -release, as but you should be able to get the drift of this -- there are four match rules that assign queues, and two pass rules that allow the traffic and conduct redirection to his workstation. (Recent changes to PF altered how packet forwarding "rdr" commands are used):
Code:
match in proto {tcp udp} from any to any port $tor-low queue torrent-in
match out proto {tcp udp} from any port $tor-low to any queue torrent-out
match in proto {tcp udp} from any to any port $tor-high queue torrent-in
match out proto {tcp udp} from any port $tor-high to any queue torrent-out
pass in log quick on $external_nic proto {tcp udp} from any to any port $tor-low \
    rdr-to 192.168.1.42 port $tor-low
pass in log quick on $external_nic proto {tcp udp} from any to any port $tor-high \
    rdr-to 192.168.1.42 port $tor-high
Reply With Quote