Aaron,

When you say, "seem to spill over into the normal queue" do you mean
the bittor queue is borrowing bandwidth from the total amount of
bandwidth available?

You may need to set a limit on the bittor queue if you want to limit
its bandwidth. The OpenBSD FAQ says, CBQ queues are arranged in an
hierarchical manner. At the top of the hierarchy is the root queue
which defines the total amount of bandwidth available. Child queues
are created under the root queue, each of which can be assigned some
portion of the root queue's bandwidth. For example, queues might be
defined as follows:

 Root Queue (2Mbps)
   Queue A (1Mbps) 
   Queue B (500Kbps) 
   Queue C (500Kbps) 


Also, you can use HFSC queueing for this as well. 

 Hierarchical Fair Service Curve (HFSC) of OpenBSD
 https://calomel.org/pf_hfsc.html

--
   Calomel @ https://calomel.org
   Open Source Research and Reference


On Tue, Jan 05, 2010 at 07:14:59PM -0500, Aaron Mason wrote:
>Hi all,
>
>I've got the following pf.conf file for limiting bittorrent
>connections and providing higher priority to a game server.  While the
>latter works wonderfully, the bittorrent connections seem to spill
>over into the normal queue and it's driving me crazy.
>
>My /etc/pf.conf file is as follows:
>set skip on lo
>
># Setting some constants
>prio_port  = "{ 22 53 5900 }"
>shiori     = "192.168.2.241/32"
>chechemaru = "192.168.2.251/32"
>wired_if   = "rl0"
>wlan_if    = "ath0"
>
>hi_bw   = "33Mb"
>norm_bw = "20Mb"
>lo_bw   = "178415b"
>
>altq on $wired_if cbq bandwidth 54Mb queue { wired_hi, wired_norm, wired_lo }
>  queue wired_hi bandwidth $hi_bw priority 2
>  queue wired_norm bandwidth $norm_bw cbq(default) priority 3
>  queue wired_lo bandwidth $lo_bw priority 4
>
>altq on $wlan_if cbq bandwidth 54Mb queue { wlan_hi, wlan_norm, wlan_lo }
>  queue wlan_hi bandwidth $hi_bw priority 2
>  queue wlan_norm bandwidth $norm_bw cbq(default) priority 3
>  queue wlan_lo bandwidth $lo_bw priority 4
>
># SSH and DNS traffic as well
>pass out quick on $wired_if proto { tcp udp } to any port $prio_port \
>   queue wired_hi
>pass out quick on $wired_if proto { tcp udp } from any port $prio_port \
>   queue wired_hi
>pass out quick on $wlan_if proto { tcp udp } to any port $prio_port \
>   queue wlan_hi
>pass out quick on $wlan_if proto { tcp udp } from any port $prio_port \
>   queue wlan_hi
>
>#High priority to Shiori
>pass out quick on $wired_if to $shiori queue wired_hi
>pass out quick on $wlan_if from $shiori queue wlan_hi
>
>#Low priority and limiting to Chechemaru
>#NOTE: BT connections are bidirectional, hence the seemingly \
>#redundant rules
>pass out quick on $wired_if to $chechemaru queue wired_lo
>pass out quick on $wired_if from $chechemaru queue wired_lo
>pass out quick on $wlan_if to $chechemaru queue wlan_lo
>pass out quick on $wlan_if from $chechemaru queue wlan_lo
>
># Everything else gets normal priority
># pass out quick on $wired_if queue wired_norm
>#pass
>block in on ! lo0 proto tcp to port 6000:6010
>
>A typical output from pftop shows the contents of
>http://paste2.org/p/596043 - notice the upstream going crazy.
>Unfortunately pfTop hasn't been updated to take advantage of the
>changes to pf, so it refuses to display the rules.  I'd do it myself
>if I had a better understanding of how pf worked within, but I'm not
>quite at that stage yet.
>
>A very hard cluestick is greatly appreciated, to go along with the
>concussion I am suffering from banging my head on the desk.
>
>Regards
>
>
>-- 
>Aaron Mason - Programmer, open source addict
>I've taken my software vows - for beta or for worse
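
The check below is an added example, not code from either poster or from the pf project. It parses the wired-interface ALTQ section of the quoted pf.conf, sums the child queue bandwidths against the root, and reports whether each queue is allowed to borrow. It assumes the ALTQ `cbq` syntax used in the quoted file, where a queue borrows from its parent only if `cbq(borrow)` is set; `audit_cbq` and `to_bps` are hypothetical helper names.

```python
import re

# Constructed sample: the wired-interface ALTQ lines of the pf.conf quoted above.
PF_CONF = '''
wired_if = "rl0"
hi_bw   = "33Mb"
norm_bw = "20Mb"
lo_bw   = "178415b"
altq on $wired_if cbq bandwidth 54Mb queue { wired_hi, wired_norm, wired_lo }
  queue wired_hi bandwidth $hi_bw priority 2
  queue wired_norm bandwidth $norm_bw cbq(default) priority 3
  queue wired_lo bandwidth $lo_bw priority 4
'''

UNITS = {"b": 1, "Kb": 10**3, "Mb": 10**6, "Gb": 10**9}  # bits per second

def to_bps(spec, parent_bps):
    """Convert a pf bandwidth spec (b/Kb/Mb/Gb or N% of parent) to bits per second."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)(%|b|Kb|Mb|Gb)", spec)
    if not m:
        raise ValueError(f"unrecognised bandwidth: {spec!r}")
    value, unit = float(m.group(1)), m.group(2)
    return int(value * parent_bps / 100) if unit == "%" else int(value * UNITS[unit])

def audit_cbq(text):
    """Return {interface: report} for each 'altq ... cbq' root and its direct children."""
    macros = dict(re.findall(r'^\s*(\w+)\s*=\s*"([^"]*)"', text, re.M))
    text = re.sub(r"\$(\w+)", lambda m: macros[m.group(1)], text)  # expand $macros
    queues = {}
    for name, bw, rest in re.findall(r"^\s*queue\s+(\w+)\s+bandwidth\s+(\S+)(.*)$", text, re.M):
        opts = re.search(r"cbq\(([^)]*)\)", rest)
        queues[name] = (bw, re.findall(r"\w+", opts.group(1)) if opts else [])
    report = {}
    root_re = r"^\s*altq on (\S+) cbq bandwidth (\S+) queue \{([^}]*)\}"
    for iface, root_bw, children in re.findall(root_re, text, re.M):
        root = to_bps(root_bw, 0)
        rows = {}
        for child in re.findall(r"\w+", children):
            bw, opts = queues[child]
            rows[child] = {"bps": to_bps(bw, root), "borrow": "borrow" in opts,
                           "default": "default" in opts}
        total = sum(r["bps"] for r in rows.values())
        report[iface] = {"root_bps": root, "allocated_bps": total,
                         "oversubscribed": total > root, "queues": rows}
    return report

if __name__ == "__main__":
    for iface, rep in audit_cbq(PF_CONF).items():
        print(iface, rep)
```

Traffic that no `pass ... queue` rule classifies is placed in the queue marked `default`, which the report flags per queue.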
