Thread: tun device
View Single Post
Old 20th September 2008
zomo zomo is offline
Port Guard
 
Join Date: Sep 2008
Posts: 25
Default

Ok i understand you, but if you put smth like that in to your pf.conf file:
1. pass in quick on $LAN from $user_ip to !$LAN tag user1 keep state flags S/SA queue (user_down ack_down)
2. pass out quick on $LAN all tagged user1 keep state flags S/SA queue (user_up ack_up)
Look, If user make connection matching to the rule number 1 when traffic will back will be put to queue user_down. Tagging allows you to mark packets after NAT to put it to appropriate ext queue.

So I limit download with pass in rule on INTERNAL interface and to limit upload, pass out rule on EXTERNAL interface and it works really good, but not with pppoe
Reply With Quote