View Single Post
Old 14th April 2011
A_Sorenby A_Sorenby is offline
New User
 
Join Date: Apr 2011
Posts: 6
Default

Code:
RULE  ACTION   DIR LOG Q IF     PR        K     PKTS    BYTES   STATES   MAX INFO
   0  Pass     Any                                 0        0        0       all flags any
   1  Match    Out       em0                     524   220996       25       from <clients> to any
   2  Block    In  Log Q em0                      48    25919        0       drop from <rfc1918> to any
   3  Block    Out Log Q em0                       0        0        0       drop from any to <rfc1918>
   4  Pass     In  Log Q em1    tcp       K        0        0        0       inet from any to any port = ftp
   5  Pass     Out Log Q em0    tcp       K        0        0        0       inet from any to <bruteforce>  queue bruteforce
   6  Pass     Any Log          tcp                0        0        0     6 inet from any to any port = ssh flags S/FSRA
   7  Block    Any                              1174    81033        0       drop all
   8  Pass     In        em0    tcp                0        0        0     6 inet from any to any port = ssh flags S/FSRA
   9  Pass     In        em0    tcp       K        0        0        0       inet from any to any port = domain
  10  Pass     In        em0    tcp       K        0        0        0       inet from any to any port = ntp
  11  Pass     In        em0    udp       K        0        0        0       inet from any to any port = domain
  12  Pass     In        em0    udp       K        0        0        0       inet from any to any port = ntp
  13  Pass     In        em0    tcp       K      109     5708       41       inet from any to any port = 50000
  14  Pass     In        em0    udp       K       37     2581       10       inet from any to any port = 50000
  15  Pass     In        em0    tcp       K        0        0        0       inet from any to any port = 45000
  16  Pass     In        em0    udp       K        0        0        0       inet from any to any port = 45000
  17  Pass     Out       em0    tcp                0        0        0       inet from any to any port = ssh flags S/FSRA queue(ssh_bulk, ssh_login)
  18  Pass     Out       em0    tcp       K        0        0        0       inet from any to any port = domain  queue dns
  19  Pass     Out       em0    tcp       K        0        0        0       inet from any to any port = ntp  queue dns
  20  Pass     Out       em0    udp       K      330    82323      165       inet from any to any port = domain  queue dns
  21  Pass     Out       em0    udp       K        6      456        3       inet from any to any port = ntp  queue dns
  22  Pass     Out       em0    tcp       K        0        0        0       inet from any to any port = 45000  queue filetransfer
  23  Pass     Out       em0    tcp       K        0        0        0       inet from any to any port = 50000  queue filetransfer
  24  Pass     Out       em0    udp       K        0        0        0       inet from any to any port = 45000  queue filetransfer
  25  Pass     Out       em0    udp       K       10     2230        1       inet from any to any port = 50000  queue filetransfer
  26  Pass     Out       em0    tcp       K      435   199085       21       inet from any to any port = www  queue(web, ack)
  27  Pass     Out       em0    tcp       K       18     9244        1       inet from any to any port = https  queue(web, ack)
  28  Pass     Out       em0    tcp       K        0        0        0       inet from any to any port = smtp  queue(mail, ack)
  29  Pass     Out       em0    tcp       K       29     5176        1       inet from any to any port = pop3  queue(mail, ack)
  30  Pass     Out       em0    tcp       K        0        0        0       inet from any to any port = imap3  queue(mail, ack)
  31  Pass     Out       em0    tcp       K        0        0        0       inet from any to any port = imaps  queue(mail, ack)
  32  Pass     Out       em0    tcp       K       32     5261        1       inet from any to any port = pop3s  queue(mail, ack)
  33  Pass     Out       em0    icmp      K        0        0        0       inet all  queue(dns, ack)
  34  Pass     Out       em0    icmp      K        0        0        0       inet all  queue(dns, ack)
  35  Pass     In        em1    tcp                0        0        0       inet from any to any port = ssh flags S/FSRA
  36  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = domain
  37  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = ntp
  38  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = 45000
  39  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = 50000
  40  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = www
  41  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = https
  42  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = smtp
  43  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = pop3
  44  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = imap3
  45  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = imaps
  46  Pass     In        em1    tcp       K        0        0        0       inet from any to any port = pop3s
  47  Pass     In        em1    udp       K        0        0        0       inet from any to any port = domain
  48  Pass     In        em1    udp       K        0        0        0       inet from any to any port = ntp
  49  Pass     In        em1    udp       K        0        0        0       inet from any to any port = 45000
  50  Pass     In        em1    udp       K        0        0        0       inet from any to any port = 50000
  51  Pass     In        em0    icmp      K       18     1152        3       inet all
  52  Pass     In        em0    icmp      K        0        0        0       inet all
  53  Match    Out       em1    tcp                0        0        0       inet from any to any port = domain  queue i_dns
  54  Match    Out       em1    tcp                0        0        0       inet from any to any port = ntp  queue i_dns
  55  Match    Out       em1    udp                0        0        0       inet from any to any port = domain  queue i_dns
  56  Match    Out       em1    udp                0        0        0       inet from any to any port = ntp  queue i_dns
  57  Match    Out       em1    tcp                0        0        0       inet from any to any port = ssh  queue(i_ssh_bulk, i_ssh_login)
  58  Match    Out       em1    tcp                0        0        0       inet from any to any port = 45000  queue i_filetransfer
  59  Match    Out       em1    tcp                0        0        0       inet from any to any port = 50000  queue i_filetransfer
  60  Match    Out       em1    udp                0        0        0       inet from any to any port = 45000  queue i_filetransfer
  61  Match    Out       em1    udp                0        0        0       inet from any to any port = 50000  queue i_filetransfer
  62  Match    Out       em1    tcp                0        0        0       inet from any to any port = www  queue(i_web, i_ack)
  63  Match    Out       em1    tcp                0        0        0       inet from any to any port = https  queue(i_web, i_ack)
  64  Match    Out       em1    tcp                0        0        0       inet from any to any port = smtp  queue(i_mail, i_ack)
  65  Match    Out       em1    tcp                0        0        0       inet from any to any port = pop3  queue(i_mail, i_ack)
  66  Match    Out       em1    tcp                0        0        0       inet from any to any port = imap3  queue(i_mail, i_ack)
  67  Match    Out       em1    tcp                0        0        0       inet from any to any port = imaps  queue(i_mail, i_ack)
  68  Match    Out       em1    tcp                0        0        0       inet from any to any port = pop3s  queue(i_mail, i_ack)
  69  Match    Out       em1    icmp               0        0        0       inet all  queue(i_dns, i_ack)
  70  Match    Out       em1    icmp               0        0        0       inet all  queue(i_dns, i_ack)
Still nothing.
It might help to know the traffic i want to shape is not for any services, but client requested traffic. (e.g. Downloading OpenBSD_snapshots_i386-2011-04-14-0102.torrent) so that downloading said file wont hog everything else.
Reply With Quote