Hi there,

I'm looking to make use of ALTQ queues to reduce the impact of persistent offenders running P2P software, virus-infested machines running network scans, or other misuse, by throttling back their connection.

The plan is to have two queues, a default one and a restricted one that is only assigned 5% of the bandwidth. I also intend to use the overload functions to add addresses to a table based on connection rate, since most malware and P2P don't use identifiable ports or rules.

My question is this: can I use a generic pass rule at the top of the configuration to assign the table to the restricted queue and then later use pass/block quick rules to control access as normal, or will the later pass/block quick rules push the traffic back into the default queue?

Steve.
