• How to Limit Bandwidth per IP?

    Locked
    9
    0 Votes
    9 Posts
    25k Views
    C
    Or, if you require authorization, you can do this with any RADIUS server supporting sending bandwidth parameters in RADIUS attributes (e.g., UTM5 RADIUS, freeRADIUS, etc.). @Sh4: I am pretty sure you can do this with Squid if we are talking about http traffic.
  • Burstable "classes"?

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Asterisk AIX2 (4569) Shaping.

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    L
    Update… While searching through the forums, I came accross this: http://forum.pfsense.org/index.php/topic,9782.0.html I enabled the shaping rules, rebooted the box, and, SHAZAM!, UDP 4569 traffic is now redirected to the proper queues... Don't know if this is a BUG or a Feature, but at least I can prioritize my VoIP traffic.. Thanks L2
  • Categorizing network traffic?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    E
    @kingjos: Also, is there any development in the 1.3 traffic shaper regarding layer 7 filtering? Want to sponsor it?!
  • [ASK] Distribute bandwidth evenly to each client

    Locked
    9
    0 Votes
    9 Posts
    6k Views
    S
    pf + ALTQ + borrow ?
  • How to improve latency of pfsense

    Locked
    6
    0 Votes
    6 Posts
    8k Views
    S
    Quality of the modem/router indeed affect latency, thats one of the reasons we don't use a soho linksys router in a datacenter, a well configured pfsense gateway should provide the lan users a better connection quality than some soho stuff. But once you fixed the hardware bottleneck theres nothing you can do.
  • Pentalty Time

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    S
    This seems to fit my question well. I would like to schedule my traffic shaping rules, this is not possible with 1.2 if I understanded correctly? I have sucessfully restricted youtube/facebook speeds with traffic shaper, but would like to apply em only during office hours (8.00-16.00).
  • Guide?

    Locked
    10
    0 Votes
    10 Posts
    5k Views
    C
    Can anyone advise me why I might be getting drops on qOthersUpH? [image: shaper1.jpg] <shaper><schedulertype>hfsc</schedulertype> <queue><name>qwanRoot</name> <associatedrule>0</associatedrule> <priority>0</priority> <parentqueue>on</parentqueue> <bandwidth>723</bandwidth> <bandwidthtype>Kb</bandwidthtype></queue> <queue><schedulertype><bandwidth>10240</bandwidth> <bandwidthtype>Kb</bandwidthtype> <priority>0</priority> <name>qlanRoot</name> <borrow><linkshare><linkshare3><linkshare2><linkshare1><realtime><realtime3><realtime2><realtime1><upperlimit><upperlimit3><upperlimit2><upperlimit1><parentqueue>on</parentqueue> <attachtoqueue><associatedrule><rio><red><ecn><defaultqueue></defaultqueue></ecn></red></rio></associatedrule></attachtoqueue></upperlimit1></upperlimit2></upperlimit3></upperlimit></realtime1></realtime2></realtime3></realtime></linkshare1></linkshare2></linkshare3></linkshare></borrow></schedulertype></queue> <queue><schedulertype><bandwidth>10</bandwidth> <bandwidthtype>%</bandwidthtype> <priority>1</priority> <name>qwandef</name> <borrow><linkshare><linkshare3><linkshare2><linkshare1><realtime>on</realtime> <realtime3>1%</realtime3> <realtime2><realtime1><upperlimit><upperlimit3><upperlimit2><upperlimit1><parentqueue><attachtoqueue>qwanRoot</attachtoqueue> <associatedrule><rio><red><ecn><defaultqueue>on</defaultqueue></ecn></red></rio></associatedrule></parentqueue></upperlimit1></upperlimit2></upperlimit3></upperlimit></realtime1></realtime2></linkshare1></linkshare2></linkshare3></linkshare></borrow></schedulertype></queue> <queue><schedulertype><bandwidth>10</bandwidth> <bandwidthtype>%</bandwidthtype> <priority>1</priority> <name>qlandef</name> <borrow><linkshare><linkshare3><linkshare2><linkshare1><realtime>on</realtime> <realtime3>1%</realtime3> <realtime2><realtime1><upperlimit><upperlimit3><upperlimit2><upperlimit1><parentqueue><attachtoqueue>qlanRoot</attachtoqueue> <associatedrule><rio><red><ecn><defaultqueue>on</defaultqueue></ecn></red></rio></associatedrule></parentqueue></upperlimit1></upperlimit2></upperlimit3></upperlimit></realtime1></realtime2></linkshare1></linkshare2></linkshare3></linkshare></borrow></schedulertype></queue> <queue><schedulertype><bandwidth>30</bandwidth> <bandwidthtype>%</bandwidthtype> <priority>7</priority> <name>qwanacks</name> <borrow><linkshare><linkshare3><linkshare2><linkshare1><realtime>on</realtime> <realtime3>10%</realtime3> <realtime2><realtime1><upperlimit><upperlimit3><upperlimit2><upperlimit1><parentqueue><attachtoqueue>qwanRoot</attachtoqueue> <associatedrule><ack>on</ack> <rio><red><ecn><defaultqueue></defaultqueue></ecn></red></rio></associatedrule></parentqueue></upperlimit1></upperlimit2></upperlimit3></upperlimit></realtime1></realtime2></linkshare1></linkshare2></linkshare3></linkshare></borrow></schedulertype></queue> <queue><schedulertype><bandwidth>30</bandwidth> <bandwidthtype>%</bandwidthtype> <priority>7</priority> <name>qlanacks</name> <borrow><linkshare><linkshare3><linkshare2><linkshare1><realtime>on</realtime> <realtime3>10%</realtime3> <realtime2><realtime1><upperlimit><upperlimit3><upperlimit2><upperlimit1><parentqueue><attachtoqueue>qlanRoot</attachtoqueue> <associatedrule><ack>on</ack> <rio><red><ecn><defaultqueue></defaultqueue></ecn></red></rio></associatedrule></parentqueue></upperlimit1></upperlimit2></upperlimit3></upperlimit></realtime1></realtime2></linkshare1></linkshare2></linkshare3></linkshare></borrow></schedulertype></queue> <queue><name>qP2PUp</name> <attachtoqueue>qwanRoot</attachtoqueue> <associatedrule>0</associatedrule> <priority>1</priority> <red>on</red> <ecn>on</ecn> <realtime>on</realtime> <realtime3>1Kb</realtime3> <bandwidth>1</bandwidth> <bandwidthtype>%</bandwidthtype> <qlimit>500</qlimit></queue> <queue><name>qP2PDown</name> <attachtoqueue>qlanRoot</attachtoqueue> <associatedrule>0</associatedrule> <priority>1</priority> <red>on</red> <ecn>on</ecn> <realtime>on</realtime> <realtime3>1Kb</realtime3> <bandwidth>1</bandwidth> <bandwidthtype>%</bandwidthtype> <qlimit>500</qlimit></queue> <queue><schedulertype><bandwidth>20</bandwidth> <bandwidthtype>%</bandwidthtype> <priority>4</priority> <name>qOthersUpH</name> <borrow><linkshare><linkshare3><linkshare2><linkshare1><realtime>on</realtime> <realtime3>1Kb</realtime3> <realtime2><realtime1><upperlimit><upperlimit3><upperlimit2><upperlimit1><parentqueue><attachtoqueue>qwanRoot</attachtoqueue> <associatedrule><rio><red>on</red> <ecn>on</ecn> <defaultqueue></defaultqueue></rio></associatedrule></parentqueue></upperlimit1></upperlimit2></upperlimit3></upperlimit></realtime1></realtime2></linkshare1></linkshare2></linkshare3></linkshare></borrow></schedulertype></queue> <queue><schedulertype><bandwidth>20</bandwidth> <bandwidthtype>%</bandwidthtype> <priority>4</priority> <name>qOthersDownH</name> <borrow><linkshare><linkshare3><linkshare2><linkshare1><realtime>on</realtime> <realtime3>1Kb</realtime3> <realtime2><realtime1><upperlimit><upperlimit3><upperlimit2><upperlimit1><parentqueue><attachtoqueue>qlanRoot</attachtoqueue> <associatedrule><rio><red>on</red> <ecn>on</ecn> <defaultqueue></defaultqueue></rio></associatedrule></parentqueue></upperlimit1></upperlimit2></upperlimit3></upperlimit></realtime1></realtime2></linkshare1></linkshare2></linkshare3></linkshare></borrow></schedulertype></queue> <queue><name>qOthersUpL</name> <attachtoqueue>qwanRoot</attachtoqueue> <associatedrule>0</associatedrule> <priority>2</priority> <red>on</red> <ecn>on</ecn> <realtime>on</realtime> <realtime3>1Kb</realtime3> <bandwidth>1</bandwidth> <bandwidthtype>%</bandwidthtype> <qlimit>500</qlimit></queue> <queue><name>qOthersDownL</name> <attachtoqueue>qlanRoot</attachtoqueue> <associatedrule>0</associatedrule> <priority>2</priority> <red>on</red> <ecn>on</ecn> <realtime>on</realtime> <realtime3>1Kb</realtime3> <bandwidth>1</bandwidth> <bandwidthtype>%</bandwidthtype> <qlimit>500</qlimit></queue> <rule><inqueue>qOthersDownH</inqueue> <outqueue>qOthersUpH</outqueue> <in-interface>lan</in-interface> <out-interface>wan</out-interface> <source> <network>lan</network> <destination><any><port>25-25</port></any></destination> <descr>m_Other SMTP outbound</descr> <protocol>tcp</protocol></rule> <rule><inqueue>qOthersUpH</inqueue> <outqueue>qOthersDownH</outqueue> <in-interface>wan</in-interface> <out-interface>lan</out-interface> <source> <any><destination><network>lan</network> <port>25-25</port></destination> <descr>m_Other SMTP inbound</descr> <protocol>tcp</protocol></any></rule> <rule><inqueue>qOthersDownH</inqueue> <outqueue>qOthersUpH</outqueue> <in-interface>lan</in-interface> <out-interface>wan</out-interface> <source> <network>lan</network> <destination><any><port>80-80</port></any></destination> <descr>m_Other HTTP outbound</descr> <protocol>tcp</protocol></rule> <rule><inqueue>qOthersUpH</inqueue> <outqueue>qOthersDownH</outqueue> <in-interface>wan</in-interface> <out-interface>lan</out-interface> <source> <any><destination><network>lan</network> <port>80-80</port></destination> <descr>m_Other HTTP inbound</descr> <protocol>tcp</protocol></any></rule> <rule><inqueue>qOthersDownH</inqueue> <outqueue>qOthersUpH</outqueue> <in-interface>lan</in-interface> <out-interface>wan</out-interface> <source> <network>lan</network> <destination><any><port>443-443</port></any></destination> <descr>m_Other HTTPS outbound</descr> <protocol>tcp</protocol></rule> <rule><inqueue>qOthersUpH</inqueue> <outqueue>qOthersDownH</outqueue> <in-interface>wan</in-interface> <out-interface>lan</out-interface> <source> <any><destination><network>lan</network> <port>443-443</port></destination> <descr>m_Other HTTPS inbound</descr> <protocol>tcp</protocol></any></rule> <rule><inqueue>qOthersDownH</inqueue> <outqueue>qOthersUpH</outqueue> <in-interface>lan</in-interface> <out-interface>wan</out-interface> <source> <network>lan</network> <destination><any><port>53-53</port></any></destination> <descr>m_Other DNS1 outbound</descr> <protocol>tcp</protocol></rule> <rule><inqueue>qOthersDownH</inqueue> <outqueue>qOthersUpH</outqueue> <in-interface>lan</in-interface> <out-interface>wan</out-interface> <source> <network>lan</network> <destination><any><port>53-53</port></any></destination> <descr>m_Other DNS2 outbound</descr> <protocol>udp</protocol></rule> <rule><inqueue>qOthersUpH</inqueue> <outqueue>qOthersDownH</outqueue> <in-interface>wan</in-interface> <out-interface>lan</out-interface> <source> <any><destination><network>lan</network> <port>3389-3389</port></destination> <descr>m_Other MSRDP inbound</descr> <protocol>tcp</protocol></any></rule> <rule><inqueue>qOthersDownH</inqueue> <outqueue>qOthersUpH</outqueue> <in-interface>lan</in-interface> <out-interface>wan</out-interface> <source> <network>lan</network> <destination><any><port>3389-3389</port></any></destination> <descr>m_Other MSRDP outbound</descr> <protocol>tcp</protocol></rule> <rule><inqueue>qOthersDownH</inqueue> <outqueue>qOthersUpH</outqueue> <in-interface>lan</in-interface> <out-interface>wan</out-interface> <source> <network>lan</network> <destination><any></any></destination> <descr>m_Other ICMP outbound</descr> <protocol>icmp</protocol></rule> <rule><inqueue>qOthersUpH</inqueue> <outqueue>qOthersDownH</outqueue> <in-interface>wan</in-interface> <out-interface>lan</out-interface> <source> <any><destination><network>lan</network></destination> <descr>m_Other ICMP inbound</descr> <protocol>icmp</protocol></any></rule> <rule><in-interface>wan</in-interface> <out-interface>lan</out-interface> <protocol>tcp</protocol> <source> <any><destination><network>lan</network></destination> <direction><iptos><tcpflags><descr>m_P2P BitTorrent inbound</descr> <inqueue>qP2PUp</inqueue> <outqueue>qP2PDown</outqueue></tcpflags></iptos></direction></any></rule> <rule><in-interface>wan</in-interface> <out-interface>lan</out-interface> <protocol>udp</protocol> <source> <any><destination><network>lan</network></destination> <direction><iptos><tcpflags><descr>m_P2P BitTorrent inbound</descr> <inqueue>qP2PUp</inqueue> <outqueue>qP2PDown</outqueue></tcpflags></iptos></direction></any></rule> <rule><in-interface>lan</in-interface> <out-interface>wan</out-interface> <protocol>tcp</protocol> <source> <network>lan</network> <destination><any></any></destination> <direction><iptos><tcpflags><descr>m_P2P BitTorrent outbound</descr> <inqueue>qP2PDown</inqueue> <outqueue>qP2PUp</outqueue></tcpflags></iptos></direction></rule> <rule><in-interface>lan</in-interface> <out-interface>wan</out-interface> <protocol>udp</protocol> <source> <network>lan</network> <destination><any></any></destination> <direction><iptos><tcpflags><descr>m_P2P BitTorrent outbound</descr> <inqueue>qP2PDown</inqueue> <outqueue>qP2PUp</outqueue></tcpflags></iptos></direction></rule> <enable></enable></shaper> <ezshaper><step2><download>10679</download> <upload>723</upload> <inside_int>lan</inside_int> <outside_int>wan</outside_int></step2> <step3><provider>Generic</provider> <address> <bandwidth>32</bandwidth> <step4><address> <bandwidthup><bandwidthdown><step5><enable>on</enable> <bandwidthup><bandwidthdown><bittorrent>on</bittorrent> <edonkey2000>on</edonkey2000></bandwidthdown></bandwidthup></step5> <step7><enable>on</enable> <msrdp>H</msrdp> <vnc>D</vnc> <appleremotedesktop>D</appleremotedesktop> <pcanywhere>D</pcanywhere> <irc>D</irc> <jabber>D</jabber> <icq>D</icq> <aolinstantmessenger>D</aolinstantmessenger> <msnmessenger>D</msnmessenger> <teamspeak>D</teamspeak> <pptp>D</pptp> <ipsec>D</ipsec> <streamingmp3>D</streamingmp3> <rtsp>D</rtsp> <http>H</http> <smtp>H</smtp> <pop3>D</pop3> <imap>D</imap> <lotusnotes>D</lotusnotes> <dns>H</dns> <icmp>H</icmp> <smb>D</smb> <snmp>D</snmp> <mysqlserver>D</mysqlserver> <nntp>D</nntp> <cvsup>D</cvsup></step7> ![](http://www.cheesyboofs.co.uk/upload/shaper2.jpg) ![](http://www.cheesyboofs.co.uk/upload/shaper3.jpg)</bandwidthdown></bandwidthup> </address></step4> </address></step3></ezshaper>
  • Shaper & radius attribute for QoS does not work

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    E
    Sorry but that should work in the forthcoming 1.3 version.
  • Open all traffic in LAN Subnet

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    GruensFroeschliG
    Maybe you could draw us a diagram of your network. But traffic from within your LAN destined to you LAN will never go over the firewall –> pfSense never ever sees this traffic.
  • Bandwidth limiting each workstation

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Question about shaping by ip

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • VOIP Shaping when the Asterisk server is remote

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Can I bandwidth limit vlans?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    P
    Afaik it can only be done with the bounty shaper
  • Reboot for udp traffic ?

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • MOVED: Proxy only for por 80

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Restrict All Bandwidth on Interface?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    W
    Going to be a luser and post a reply to my own question right away. I'm going through again, and this time I notice the "Penalty Box" section that does seem to put absolute caps on upload and download bandwidth. Seems to me that I could specify the IP range of the WiFi interface (172.16.0.0/24) for the address value, then just put in the numbers I want. Would that work? (I know, I know… just go try it out and see....)
  • Ermals shaper

    Locked
    10
    0 Votes
    10 Posts
    5k Views
    E
    [1] the rules produced by the wizard are latest match ones. Meaning the latest match takes the action. For the ip i will take a look at all the things i am fixing in the wizards! [2] It is all transparent it means that if you have load balancing active the rules will convert to conform to it automatically when they reload.
  • Network Speed Settings for PPPoE in Traffic Shaper Wizard 1st Page

    Locked
    7
    0 Votes
    7 Posts
    4k Views
    P
    Hi guys! Trying to figure out the traffic shaper, does it mean that if I have 2000 kbits download I have to deduct at least 70 kbits to set the correct value?
  • [Solved] traffic not being controlled properly

    Locked
    3
    0 Votes
    3 Posts
    3k Views
    C
    Well, unfortunately that computer is not on the network right now, so I can't tell, but I did set a static IP to that IP address that I have in the traffic shaper and it followed the rules, so I'm hoping that when the computer comes back to the network it will do the same. I can see the traffic in the queue. When I said encrypted traffic I meant mainly from bittorrent. Thats the main reason why I want to put a squeeze on this computer is because its consuming the whole network, bring it to a crawl. I set the upload to 256kbits/sec and 2500 kbits down, that seems fair, but won't destroy the network. We have a 16/2 business comcast setup. I setup a test computer on that IP and ran encrypted bittorrent of a linux ISO download and it followed the rules, so I hope it works now. I don't know why it wasn't working before.  ??? I didn't change anything.  :-\ Edit: I think I figured it out why it wasn't working. I turned on the traffic shaper while the computer was downloading, expecting it to start slowing all of the active connections down, but the traffic shaper needs to be in place before the computer starts downloading things again. So, I will leave the traffic shaper enabled and when the computer comes back to the network I will see if it now follows the rules.  :o ;D I figured this out by looking at the queues, some traffic was going through the shaper, and already open connections were going through the LAN/WAN queues. Thanks for pointing me in the right direction. BTW, I think I was expecting it to act like it did in m0n0wall, where as soon as you enabled it, it would slow open connections, not just new ones starting.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.