diff options
| author |   henning <henning@openbsd.org> | 2002-11-22 19:30:45 +0000 |
|---|---|---|
| committer | henning <henning@openbsd.org> | 2002-11-22 19:30:45 +0000 |
| commit | 5b4f6f3bb754d542e9a1a889851756bcd56eb64a (patch) | |
| tree | 723c6dead01bb9230de508ff5a6480200ba00f1b | |
| parent | Disallow non-interactive sessions, to avoid problem of users scp'ing (diff) | |
| download | wireguard-openbsd-5b4f6f3bb754d542e9a1a889851756bcd56eb64a.tar.xz wireguard-openbsd-5b4f6f3bb754d542e9a1a889851756bcd56eb64a.zip | |
exaple ruleset for the new queue stuff
| -rw-r--r-- | share/pf/queue1 | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/share/pf/queue1 b/share/pf/queue1 new file mode 100644 index 00000000000..1a669c7c784 --- /dev/null +++ b/share/pf/queue1 @@ -0,0 +1,20 @@ +ext_if = "dc0" + +altq on $ext_if scheduler cbq bandwidth 10Mb \ + queue { deflt, http, ssh, mail, rsets } +queue deflt bandwidth 10% priority 0 cbq(default ecn) +queue http bandwidth 1.5Mb priority 3 { http_vhosts, http_cust1 } +queue http_vhosts bandwidth 40% cbq(borrow red) +queue http_cust1 bandwidth 0.5Mb +queue mail bandwidth 10% priority 1 +queue ssh bandwidth 100Kb priority 7 cbq(borrow) +queue rsets bandwidth 7500b priority 0 cbq(red) + +block return in on $ext_if inet all queue rsets +pass in on $ext_if inet proto tcp from any to any port 80 keep state queue http +pass out on $ext_if inet proto tcp from any to any port 22 keep state queue ssh +pass in on $ext_if inet proto tcp from any to any port 22 keep state queue ssh +pass out on $ext_if inet proto tcp from any to any port 25 keep state queue mail +pass out on $ext_if inet all keep state + + |