What´s the issue with transparent shaping
-
Hi,
yes, I read it in the "tricks" thread at the beginning….
dvserg said that his experience is that, only incoming traffic is shaped....
can you point me to some files?
kind regards,
mrt_ok -
Hi,
yes, I read it in the "tricks" thread at the beginning….
dvserg said that his experience is that, only incoming traffic is shaped....
can you point me to some files?
kind regards,
mrt_ok/etc/inc/filter.inc
/etc/inc/shaper.inc
/usr/local/www/shaper
/usr/local/www/wizards/traffic_shaper_wizard.xml (or something…going from memory)
/tmp/rules.debug (dynamically generated rules file)That should get you just about everything related to traffic shaping.
--Bill -
thank you guys,
mrt_ok
-
Good luck, if you can improve it, I am interested in looking at the code. Else some day in the mythical future when I have time to get a round tuit I'll probably spend some time on the shaper code again…too many projects, not enough time.
--Bill
-
Hi all,
after a brief code review and of cause the generated rules for certain configurations I´m a bit confused because I´m not sure aboout the basic configuration for a bridged shaper setup. then i dig into pf basics, transparent firewall setup and bridged setup.
the guidelines which I found are (taken from http://ezine.daemonnews.org/200207/transpfobsd.html):
1. create only rules for outgoing traffic (ingoing is not supported, doesn´t make sense)
2. create rules only on one interface of the bridge, allow all traffic in each direction on the otherafter this configuration mentioned in the example above, only adding the altq stuff is needed (I guess), taken from pf-FAQ:
altq on fxp0 cbq bandwidth 2Mb queue { std, ssh, ftp }
queue std bandwidth 50% cbq(default)
queue ssh bandwidth 25% { ssh_login, ssh_bulk }
queue ssh_login bandwidth 25% priority 4 cbq(ecn)
queue ssh_bulk bandwidth 75% cbq(ecn)
queue ftp bandwidth 500Kb priority 3 cbq(borrow red)having a rule which assigns the desired traffic to this queues:
e.g. pass out on fxp0 from any to any port 22 queue sshnow my traffic shaping setup on a bridged environment should be complete!?
comments are welcome ;-)
sorry that this is just a theoretically approach…
thx,
mrt_ok -
Now look at how our rules are generated. There's a reason it's difficult for humans to hand write shaping rules.
–Bill
-
We really want to get these thing fixed but everyone should stop and read what we have read. There are many sections in wiki.pfsense.com (not to be confused with doc.pfsense.com) which go over what we have learned from HFSC. HFSC is quite the math gurus dream come true. It does require a bit of thought and there IS ways of making this work.
I would highly recommend reading the thread http://forum.pfsense.org/index.php/topic,2484.0.html … Quite a eye raiser.
-
Hi,
after reading your suggested posts, I´m a bit confused again :-)
of cause it´s not easy to calculate the different bandwidth of the queues, but that was not my intention …
I just wanted to know, what has to be done to get this transparent shaping thing to work (with or without wizard)
thanks,
mrt_ok -
hi guys,
please let me know when do you start to solve the transparent shaper issues. I´d like to contribute if my old PHP and firewall know how can help.
i had to tell my customer to timeshift the decision a bit - so there is a chance to place pfsense again - cause I think it´s a great project !
in case of a deal i´d like to donate - of cause!kind regards,
mrt_ok -
hi guys,
please let me know when do you start to solve the transparent shaper issues. I´d like to contribute if my old PHP and firewall know how can help.
i had to tell my customer to timeshift the decision a bit - so there is a chance to place pfsense again - cause I think it´s a great project !
in case of a deal i´d like to donate - of cause!kind regards,
mrt_okhttp://forum.pfsense.org/index.php/topic,2686.0.html