Another traffic shaping question

  • I'm new to pfSense, so hello everyone :)

    Oki, quick run through of the setup in question:

    pfSense 2.0 Release(i386) - Single LAN, Single WAN - 25/25 Fiber internet

    pfSense LAN ip :
    Client LAN ip :
    WAN ip: (example)
    uTorrent static port: 30000

    Oki, I've run the "Multi WAN, single LAN" wizard as per pfSense doc.. And to simplify things I'm gonna ask to see if I understand this correctly..

    In my states log I get this when I open a regular webpage (ofc. loads and loads more.. but for simplicity) port) -> translated random port??) -> (the webserver I'm connecting to)
    Then i get: <-

    Now, I assume this is data from my client TO the webserver, and back. A default floating rule of "WAN - TCP - ANY - port 80 - qACK/qHighPrio" should tackle this.. right? At least I would understand that data coming and going on port 80 on the WAN side would get into this queue.. And from what I gather, it seems to be put in the correct queue..

    However.. Torrent traffic is a wee bit worse.. This is kinda what it looks like: (utorrent port) -> nat port) -> port depending on their torrent client)
    and <-

    Now, the last traffic here I would suppose to be picked up by my "torrent rule".. ie: "WAN - TCP/UDP - ANY - Port 30000 - none/qP2P" .. Am I right so far?

    The first tho, how would that be picked up? It does not enter "into" the WAN interface in any shape or form as port 30000. What I did was make a copy of my WAN rule as a LAN rule (as packets would at least travel from my client into the LAN on port 30000 before they get translated to a random NAT port of some kind). But I still seem to end up with the bulk of the P2P traffic in the "default" queue. Not sure if the "LAN/WAN" setting actually works this way?

    Yes, I know torrents are "hard", but is there absolutely no way of doing this without making a "p2p catchall" rule?

    And a quick one at last. I'm no network guru of any kind, or I would probably have figured this out by now, but am I to understand that with the floating rules it will match the top rule first, and skip the rest, or will it check all the rules before making a decision?

    #1: WAN - TCP - ANY - port 80 - qACK/qHighPrio
    #2: WAN - ANY - ANY - IP: - qLowPrio/qP2P

    What would happen with web traffic on my client ( Would it "pass" the first rule and be put in the highprio queue? Or would the last rule override everything?

    Sorry for my n00bish questions, but I really hope someone can answer them in an "as easy that your mother would understand" manner :)

