Apply Traffic Shaping without change all firewall rules created.
I have a system with pfSense running correctly.
It has three WAN Interfaces and each group of users are enrouted to a WAN Interface determined.
Now, I want apply Traffic Shaping to distribute the bandwlth of each WAN Interface between each group of users without protocol discrimination but I wantn't change all my defined firewall rules.
Can I do this easily?
Can anybody gives me a helping hand with this?
You are already matching traffic to effect policy routing. Just assign the shapers or limiters there.
@Derelict thaks by your answer,
You want say me that I create a the shapers or limiter and assign to the firewall rules that I have created on the firewall, isn't?
But if I have over 200 firewall rules, uuuhhhmmm...
I have readed that exist the Floating Rules that they are checked before than check the Firewall rules.
Would this be the solution?
Create a shaper or limiter and create a Floating Rule with the shaper / limiter created.
Regards and thank so much.
You could assign queues/limiters with a match floating rule if that works for you.
@Derelict I thought that the rules were ejecuted as follow:
Floating Rule (Match) --> Firewall Rule (Accept / Block /Reject)
Is this correct or is executed the Floating Rules or the Firewall Rules?
You can match the traffic with a floating rule and set the queues, then the interface rules are processed. You only need to set the queues once.
@Derelict thanks so much, I'm going to test it with a single IP to see if work fine.
Another thing, do you know if there are a flow traffic scheme that explain where is applied each functionality of pfSense to the traffic that go through the firewall and how it is affected?
By example, something similar to this but more complete:
Traffic Interface IN --> Floating Rules --> Schedule Rules --> Interface Firewall Rules --> Traffic Interface OUT
It's only an example, I do not saying that it's correct.
This is probably the best place to start: