Hi Ermal, On 01/08/2014 12:04 AM Ermal Luçi wrote: > Well short answer. > Try with only the second rule stating !from your alias. > > That should give you a working config.
but how about multiple departments then? Each of them with a separate set of limiters as well. I'm just trying to understand why the match action doesn't seem to work with limiters like it does with any other optional parameters like queues for example. Assigning limiters to all interface based rules would be a real pain depending on the size of the rule set and the complexity of the configuration. E.g. lets say you've got 14 interfaces on a box each one supposed to have its own set of limiters. I'd expect multiple floating rules, each one defining a separate set of limiters per department to work while pushing unmatched traffic into a default set of limiters using a "catch-all" rule at the very end of the chain. I mean, this is the intended use of the floating tab, right? So if there's anything wrong with my assumption someone be so kind and kickstart my brain. It would be nice to have a clear explanation to this but also for anyone else who might come up with the same question bumping into this thread. Thanks a lot :)
signature.asc
Description: OpenPGP digital signature
_______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list