Diffserv Code Point
-
how to see ip traffic that has been marked with a Diffserv Code Point.
for example:pfctl -sr
match out log quick on re0 inet proto tcp from 192.168.30.0/26 to any port = http dscp 0xb8 label "USER_RULE" dnpipe(3, 2)
match out log quick on re0 inet proto tcp from 192.168.30.0/26 to 127.0.0.1 port = http dscp 0xb8 label "USER_RULE" dnpipe(3, 4)
match out log quick on re0 inet proto udp from 192.168.30.0/26 to 127.0.0.1 port = http dscp 0xb8 label "USER_RULE" dnpipe(3, 4)
match out log quick on re0 inet proto tcp from 192.168.30.0/26 to any port = https dscp 0x28 label "USER_RULE" dnpipe(1, 2)
match out log quick on re0 inet proto tcp from 192.168.30.0/26 to 127.0.0.1 label "USER_RULE" dnpipe(3, 4)
match out log quick on re0 inet proto udp from 192.168.30.0/26 to 127.0.0.1 label "USER_RULE" dnpipe(3, 4)
match out log quick on re0 inet proto tcp from 192.168.30.0/26 to 127.0.0.1 port = 3128 dscp 0xb8 label "USER_RULE" dnpipe(3, 4)I have tried to capture packets but can not be seen with certainty that the flow of traffic
thank you -
The rules do not set a DSCP value, they only match a value that already exists in the packet.
It would show up in a packet capture if the packets have already been tagged by whatever originated the traffic.