oops, i forgot, i;m using 4.6-stable
On Sun, Jan 31, 2010 at 4:11 PM, Agung T. Apriyanto <dup...@gmail.com> wrote:
> dear all,
>
> i have this setup :
>
> internet <--> squid <--> openbsd limiter <--> client
>
> on squid using zph i've mark with tos 0x30,
> on limiter:
> pass out quick log on $client_if proto tcp from any to <client> tos
> 0x30 no state queue q_tos
>
> then when i'm monitor on pflog0 there's no match for rule with tos
> describe above, but
> when i tcpdump $client_if there are packets with tos 0x30.
>
> no state used because after searching archive i found some suggest to use it.
> but i'm still not able to queue the tos packet.
>
> my question is what may cause this behaviour? is it because pf was too
> late to see
> the marked packet or what ?
>
> thanks n regards,
> -Agung
>
> ===
> my pf:
>
> client_if = vlan100
>
> set ruleset-optimization none
> set optimization normal
> set block-policy drop
> set skip on { lo0 }
> set reassemble yes no-df
>
> match out all scrub (random-id no-df)
> match in all scrub (no-df)
>
> altq on $client_if hfsc bandwidth 100Mb $ql queue { q_def q_tos }
> queue q_def on $client_if bandwidth 50% hfsc(red upperlimit 75%
> default)
> queue q_tos on $client_if bandwidth 70% hfsc(red upperlimit 85%)
>
> pass out quick log on $client_if proto tcp from any to <client> tos
> 0x30 no state queue q_tos
> pass out quick log on $client_if from any to <client> queue q_def
>
