Wizard-generated rules not suitable for common use?



  • Hi all,

    I'm new to pfSense. I've been testing m0n0 for the past weeks and now want to give pfSense a try. So far so good. I wanted a good QoS for my small 512/128 DSL connection.

    I ran the wizard, set up some options that were relevant to my interests. One of those was to set up MP3 streaming in high priority. I tweaked the qOthersDownH queue so that it gets 40% of download and 192Kb in "real Time" m2. Not sure what this all means but it seems to work.

    The wizard generated the following two rules for MP3 streaming:

    From what I understand, this rule is perfect if you are running a shoutcast MP3 streaming server in your LAN, but not for listening to shoutcast streams. This was confirmed by the fact that when listening to a shoutcast the traffic was sent to the default queue.

    So I changed the rules to look like this:

    Using this rule set, traffic of the shoutcast I listen to gets into the correct queue…

    Can someone confirm this finding?

    PS: I also noticed that the rules do not get correctly applied if not rebooting, but this is because I might be using the hacom image....



  • Traffic shaping for download (WAN->LAN) traffic for Internet connections is fairly pointless in most cases. Really, all you can control is which traffic exits your LAN interface first which, for home/SOHO use, is not typically bandwidth constrained. Since you must accept traffic from your ISP in whatever order your ISP chooses to send it to you (FIFO), there isn't much, if any, benefit to be had. A caveat for pfSense is that you must have at least one WAN->LAN rule or the traffic shaper generator script breaks.

    For upload (LAN->WAN) of course, traffic shaping is extremely useful.

    Also, instead of rebooting the entire firewall, just reset states. Diagnostics, States, then click the Reset states tab. This will interrupt all established traffic flows, and when you reconnect they should fall into the right queues. You need to do this because applying a new traffic shaper policy doesn't affect connections that have already been established, only new connections.

