I take it from the silence that the answer is that pf lacks this functionality at the moment. Bother :)
What would the overhead be of setting up a queue for every source address (1024 of them) ? Will this impact performance? R Russell Fulton wrote: > Thanks for your response Paul (and Andrew). > > I had read this doc and if this is straight forward then I am clearly > missing something (it would not be the first time ;). I can't see how > to get individual child queues, each of 128Kbps for each active IP > address on the inside with out defining them all in the pf.conf (in this > case 1024 child queues). All the examples show static assignment of > address blocks or ports to predefined queues. > > what we want to do is to allow throttled access to the Internet from our > wireless network while allowing full speed access to the campus > network. And we want the throttling to be on a per user basis not on an > aggregate basis. > > ipfw does this by having a (src|dst)mask parameter which essentially > creates a new queue for each unique value of the address & mask. > > >