# takes care of traffic going towards outside pass out on $ext_if .... queue q_on_ext_if keep state
that won't work, because $ext_if is being nat'ed. i need to use
seperate queues for some of the internal hosts (p2p host, server subnet,
wireless clients), and since nat comes before filtering, i would have no
way to distinguish between the hosts once the packets hit the filter.
Actually, there's a nat feature you might be able to make use of:
nat on $ext_if from <wireless> to any -> $trans_addr port 50000:55000
Then filter based on the source port, 49999><55001.
Unfortunately, this is currently broken for little-endian machines. See my previous post.
Yeah, that can be a problem when doing NAT but only if you're classifying traffic based on the source IP address or port. I suppose the alternative is not to keep state on $int_if?
pass in on $int_if ... queue q_on_ext_if pass out on $int_if ... queue q_on_int_if
i thought you needed to keep state to do queueing?
No, state is not required. The packets are tagged as they travel, the state entry just saves the tag.
