Hello,
I'm trying to build some QoS based on the TOS field in the IP header of the packets going through my machine in any direction. For now I'm unable to build a rule to match these. There are such packets - I can see them on tcpdump:
Code:
13:38:35.466787 IP (tos 0x30, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40) 192.168.0.34.47624 > 67.225.240.104.80: R, cksum 0xf6f5 (correct), 1916966715:1916966715(0) win 0
Here is the rule I think should match that packet (but it doesn't):
Code:
int_if = "re0"
ext_if = "rl0"
ext_ip = "192.168.1.2"
table <network> { 192.168.0.34, 192.168.0.9 }
set state-policy if-bound
scrub in all
altq on $int_if hfsc bandwidth 15Mb queue {download, gen_down, dl_int}
queue gen_down bandwidth 1Mb hfsc (realtime 1Mb upperlimit 1Mb default)
queue download bandwidth 12Mb hfsc (realtime 10Mb upperlimit 15Mb)
queue dl_int bandwidth 2Mb hfsc (realtime 1Mb upperlimit 2Mb)
altq on $ext_if hfsc bandwidth 15Mb queue {upload, gen_up, up_int}
queue gen_up bandwidth 1Mb hfsc (realtime 1Mb upperlimit 1Mb)
queue upload bandwidth 12Mb hfsc (realtime 10Mb upperlimit 15Mb default)
queue up_int bandwidth 2Mb hfsc (realtime 1Mb upperlimit 2Mb)
nat on $ext_if from <network> to any -> $ext_ip
pass quick on $ext_if from <network> tos 0x30 label "int_dl"
pass log (all to pflog0) quick on $int_if from <network> keep state tag to_data label "?download:" queue download
pass log (all to pflog1) quick on $ext_if tagged to_data label "?upload:" queue upload
I've tried both replacing $int_if and $ext_if in the pass rule, also changing "from <network>" to "to <network>" and it never matches anything.
Any ideas?