Re: Interrogation regarding pf + ALTQ
Constant, Benjamin wrote: By the way, are their other tools than pftop and pfctl that could help me to debug my rules ? We've been using pfctl -vvsq for quite some time to watch the distribution of traffic on our queues, and it worked OK for a quick view. Since we wanted something similar, but for longer time stretches, I wrote a probe for Symon (http://www.xs4all.nl/~wpd/symon/), that can monitor the traffic in each queue. Willem will try to incorporate it in the next release, or I can send you the patches if you are impatient. Cheers, martin
Re: PF and promiscuous mode
On Fri, 2005-03-18 at 10:48, Michael W. Lucas wrote: Hi, I'm using two PF boxes as traffic shapers, with CARP, running 3.5 GENERIC#127 i386 (to be updated to 3.7 as soon as it hits the shelves.) Will promiscuous mode see traffic before or after queueing on an interface? inbound to an interface: before. outbound from an interface: after. promiscuous mode apps normally attach at the BPF layer which is below where a layer 3 filter like PF hooks into the stack. so as a packet go up the stack it hits BPF, then layer 3 filter. as a packet goes down the stack on the way out, it hits layer 3 filter then BPF. -j -- If I wanted smoke blown up my ass, I'd be at home with a pack of cigarettes and a short length of hose. --The Simpsons
