Traffic Shaping on Floating Rules

supermega

Hi guys

I'm trying to do traffic shaping for some floating rules. I created new limiters for up and download bandwith and add this to a rule. (have a look at the pictures)

The problem is that if I do a speedtest (doesn't matter ipv4 or ipv6) the maximum bandwith is used.

regards

supermega

jimp

When using limiters on pass rules, make sure you check "quick" or it will fall through to other rules and not use that one.

Or use the Match action, not pass. I believe that should work with limiters on current 2.1 snapshots.

supermega

Thanks for your answer

I enabled the quick option in the firewall rules but it still doesn't work. I do not understand exatcly how many and what I have to configure.

Did I need 4 rules ?

–> ipv4 direction IN and limiter IN and OUT
      --> ipv4 direction OUT and limiter IN and OUT
      --> ipv6 direction IN and limiter IN and OUT
      --> ipv6 direction OUT and limiter IN and OUT

regards

supermega

supermega

Hi there

Can somebody please explain me how I have to configure the traffic shaping on floating rule. I have some knowledge problems to get this working.

The goal is that 3 interfaces can share a defined amount of bandwith for up and download.

regards

supermega

UPDATE: When I set the floating rule direction to IN I can ping from the OPT1 to the Internet. After I set the limiter parameters IN/OUT the connection doesn't work anymore :(

panz

Forgive my lack of knowledge about pf, but setting a "pass action" on a floating rule, direction -> in, could be a risk for internal LAN protection? (or should we use "match" instead, as suggested).