Another traffic shaping question
-
Im new to pfSense, so hello everyone :)
Oki, quick run through of the setup in question:
pfSense 2.0 Release(i386) - Single LAN, Single WAN - 25/25 Fiber internet
Example:
pfSense LAN ip : 192.168.0.1
Client LAN ip : 192.168.0.10
WAN ip: 200.200.200.200 (example)
uTorrent static port: 30000Oki, ive run the "Multi WAN, single LAN" wizard as per pfSense doc.. And to simplify things im gonna ask to see if i understand this correct..
In my states log i get this when i open a regular webpage (ofc. loads of loads of more.. but for simplicity)
192.168.0.10:34553(rand port) -> 200.200.200.200:22342(NAT translated random port??) -> 100.100.100.100:80 (the webserver im connecting to)
Then i get:
100.100.100.100:80 <- 192.168.0.10:34553Now, i asume this is data from my client TO the webserver, and back. A default floating rule of "WAN - TCP - ANY - port 80 - qACK/qHighPrio" should tackle this.. right? Atleast i would understand that data coming and going on port 80 on the WAN side, would get into this queue.. And from what i gather, it seem to be put in the correct queue..
However.. Torrent traffic is a wee bit worse.. This is kinda what it looks like:
192.168.0.10:30000 (utorrent port) -> 200.200.200.200:54332(random nat port) -> 123.123.123.123:32344(random port depending on their torrent client)
and
123.123.123.123:32344 <- 192.168.0.10:30000Now, the last traffic here i would suppose be picked up by my "torrent rule".. ie: "WAN - TCP/UDP - ANY - Port 30000 - none/qP2P" .. Am i right so far?
The first tho, how would that be picked up? It does not enter "into" the WAN interface in any shape or form as port 30000. What i did was make a copy of my WAN rule as a LAN rule (as packets would atleast travel from my client into the LAN on port 30000 before it gets translated to a random NAT port of some kind. But i still seem to end up with the bulk of the P2P traffic in the "default" queue. Not sure if the "LAN/WAN" setting actually work this way?
Yes, i know torrents are "hard", but is there absolutely no way of doing this without making a "p2p catchall" rule?
And a quick one at last. Im no network guru by any kinds, or i would prolly have figured this out by now, but am i to understand that the floating rules that it will match the top rule first, and skip the rest, or will it check all the rules before making a decision?
Ex:
#1: WAN - TCP - ANY - port 80 - qACK/qHighPrio
#2: WAN - ANY - ANY - IP:192.168.0.10 - qLowPrio/qP2PWhat would happen with webtraffic on my client (192.168.0.10)? Would it "pass" the first rule and be put in highprio queue? or would the last rule override everything?
Sorry for my n00bish questions, but i really hope someone can answer them in a "as easy that your mother would understand" manner :)
C