View into queue
-
been a long time lurker and searched the forums and docs but can't seem to find what I'm looking for. Anyway, is it possible to see what ip's are hitting each queue? while it would be nice to get stats on bw usage and such, right now i would just like to see ip's. watching the overall usage through the queue page shows traffic i'm not expecting to see and would like to be sure my streaming, gaming and voip devices are hitting the right queues.
my rules and shaping (basic for now) queues seem to be setup correctly but hard to be sure
thanks
-
tcpdump incorporating pflog. Search my earlier posts or read "The book of pf" (where I discovered the info).
-
i did see tcpdump with flog, however i can't find where flog is to call it. i do not see it in /var/log/. i will search your posts now, ty
-
jeesh do i feel dumb….. i was looking for a log file but its actually a dirt interface that get called... very cool though, now that i can see the rules
for anyone who has been looking:
tcpdump -nei pflog0 rulenum <#> -
Nullity, just wondering you have any other commands that give good insight. while the rules are helpful, is there actually a queue command?
-
Nullity, just wondering you have any other commands that give good insight. while the rules are helpful, is there actually a queue command?
I do not understand what you are asking.
tcpdump is crazy powerful. IIRC, tcpdump/pflog can separate packets by queue (I thought that was precisely what the example in "The book of pf" was regarding.)
Aside from tcpdump, I usually use pftop to diagnose queueing problems.
-
i was just using tcpdump with some basic pflog commands i found that extended the tcpdump tool. i have yet to go through "The book of pf" as i haven't found an online version as of yet.
-
i was just using tcpdump with some basic pflog commands i found that extended the tcpdump tool. i have yet to go through "The book of pf" as i haven't found an online version as of yet.
I was confused by "while the rules are helpful, is there actually a queue command?"
"queue command"?
-
i think I'm just unsure about what I'm seeing. streaming device alias is hitting rule 82 (qotherslow) while my game device alias is hitting rule 83 (qothershigh)… this should be reversed... double-checked my floating rules and see the ackqueue/queues set up correctly.
-
i think I'm just unsure about what I'm seeing. streaming device alias is hitting rule 82 (qotherslow) while my game device alias is hitting rule 83 (qothershigh)… this should be reversed... double-checked my floating rules and see the ackqueue/queues set up correctly.
Seems like your rules are wrong.
I use Firewall Rule logging to trouble-shoot firewall rules.
-
so are you using floating rules, lan rules, or both?
right now I'm using floating rules. if this is correct, which interface are you choosing