Discussion:
pf set prio
Михаил Швецов
2013-06-13 14:53:43 UTC
Permalink
Does (pf set prio) work on Openbsd 5.3 x64 or i386?
Please can you write simple config for set prio in pf.conf?

For example(does it work?):
set skip on lo
match out on $ext_if from { $int_if:network } nat-to ($ext_if)

block
pass out

pass in on $int_if
pass in inet proto icmp

pass on $int_if proto tcp to port ssh set prio 6
pass on $int_if proto tcp from port ssh set prio 6
pass on $ext_if proto tcp to port ssh set prio 6
pass on $ext_if proto tcp from port ssh set prio 6

Set prio may prioritize only outbound trafic(how altq) or "in" too?

When i use queue i can see in `systat q`. And how with "set pf prio", HOW TO
SEE
that ssh (prio 6) go away before other trafic(www for example) WHAT command
to
use tcpdump or pfctl or log this trafic? How to know that prio works?

P.S
And read other posts(messages) i see 2 (two) commands "prio X" and "set prio
X"

1:(something OpenBSD 5.0 -5.1)
block all
pass in on $int_if prio 5

2:(OpenBSD 5.3)
block all
pass in on $int_if set prio 5

does rule1=rule2
or
rule1: pass in on $int_if only traffic with prio 5
rule2: pass in on $int_if all traffic and set him(traffic) prio 5
???
Henning Brauer
2013-07-02 06:07:32 UTC
Permalink
Post by Михаил Швецов
Does (pf set prio) work on Openbsd 5.3 x64 or i386?
of course.
Post by Михаил Швецов
Please can you write simple config for set prio in pf.conf?
match set prio 5
Михаил Швецов
2013-07-02 08:58:54 UTC
Permalink
Post by Henning Brauer
Post by Михаил Швецов
Does (pf set prio) work on Openbsd 5.3 x64 or i386?
of course.
How can i see that it works? tcpdump or others progs?
Post by Henning Brauer
Post by Михаил Швецов
Please can you write simple config for set prio in pf.conf?
match set prio 5
this rule set prio 5 only the out traffic from server and in when he out
("state")?

Loading...