Traffic shaper changes [90% completed, please send money to complete bounty]
-
What do you mean by load balance does not work?!
-
ermal, I have tried to enable the load balance but only the WAN1 will get all the load but it works well in 1.2 official release. is this also a bug? or just missing something?
chris
-
Can you please send me your rules.debug privately.
-
Hello ermal, pm sent :)
chris
-
Hello ermal,
i got this error. :( think this is the load balancer error. any ideas?
Jul 11 01:52:21 php: : New alert found: There were error(s) loading the rules: /tmp/rules.debug:146: syntax error pfctl: Syntax error in config file: pf rules not loaded The line in question reads [146]: pass in quick on $lan route-to { ( xl0 192.168.3.1 ) } from 192.168.0.0/24 to /32 keep state label "USER_RULE: Make sure DMZ 2 traffic goes to WAN2 DMZ"
Jul 11 01:52:21 php: : There were error(s) loading the rules: /tmp/rules.debug:146: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [146]: pass in quick on $lan route-to { ( xl0 192.168.3.1 ) } from 192.168.0.0/24 to /32 keep state label "USER_RULE: Make sure DMZ 2 traffic goes to WAN2 DMZ"chris
-
ermal, problem solve :) just change my ip /32 to /24
-
ermal,
load balance is now working :) and sticky connection option appears :) i am now testing your traffic shaper. My first problem is that the system can only see one interface. is this normal?chris
-
ermal,
I tried to used by queue tab and clone shaper. is this good?chris
-
Well i think the vx driver is not on the list of hardware interfaces that support ALTQ, the traffic shaper.
I searched a little bit and i cannot come to a conclusion can you please verify if it supports it or not?
Instructions to enter it on the list of supported ALTQ interfaces:
Go to Diagnostics->Edit File
load /etc/inc/interfaces.inc
search for "is_altq_capable" function
add it to the list there - after ,"ste" add the line ,"vx"
Save
Go to the traffic shaper and it should show the interfaces
Make a simple configuration and reload the rules.
If it does work report back so it get added to the list.Ermal
-
you right ermal vx is not supported :(
php: : New alert found: There were error(s) loading the rules: pfctl: vx1: driver does not support altq The line in question reads [ vx1]:
Jul 12 00:21:49 php: : There were error(s) loading the rules: pfctl: vx1: driver does not support altq - The line in question reads [ vx1]:so i need another new lan cards
chris -
bug?
I have am trying to use the penalty box feature and added an alias to it during the wizard setup. It does not look like that it is working. The penalty box used to have its own que and I finaly noticed that it was added to the qotherslow. I am not seeing any traffic going through this que even though there are people using ip's associated with the alias.
Anything special I need to do?Thanks,
Tom -
Try to see if you are overridng the selection with a policy/rule on the interfaces tab.
Since the wizard creates a ruleset but you have to be careful when adding rules on the interfaces since they override every rule on the floating tab that does not have quick checked.Read previous posts where i go in detail about this.
If you are doing this for optional interfaces too please check posts before cause you need to apply a fix for that
till the new update goes out after the move to FreeBSD 7 has settled.Ermal
-
That was it! I missed the quick part in reading the posts.
Thanks!
Tom -
Could the total bounties received be posted in the first post?
What will be required to get this included in pfsense 1.2.1?
-
Could the total bounties received be posted in the first post?
What will be required to get this included in pfsense 1.2.1?
You can look 1.2.1 beta
-
Huh?
-
1.2.1 will be a version to fix up the bugs from 1.2 and introduce FreeBSD 7
No features will be added…
-
I would love to contribute. Can I get a confirmation that there is an embedded version of the new shaper for people who contribute?
-
yes.
-
This sounds great. Also, at some point will this make it into the public product? Or will this always be private?