[FUG-BR] ALTQ e pf
Márcio Luciano Donada
mdonada em gmail.com
Terça Julho 28 17:08:36 BRT 2009
Nenhum_de_Nos escreveu:
> On Tue, July 28, 2009 10:19, Giancarlo Rubio wrote:
>
>> 2009/7/28 Márcio Luciano Donada <mdonada em gmail.com>:
>>
>>> Senhores,
>>> O pessoal que utiliza ALTQ e pf, o que estão utiliza para gerar reports
>>> do controle de banda feito? Ou somente através do pfctl -vqs?
>>>
>> Eu uso no shell mesmo
>>
>> #while true;do clear && pfctl -sq -v && sleep 1;done
>>
>> Se quiser gerar gráficos já usei esse symon[1]. É bom e tem sua
>> configuração muito rápida.
>>
Pessoal,
Fiz uma configuração do ALTQ e pf, abaixo:
ext_if="sis0"
int_if="xl0"
rede_local="192.168.16.0/24"
altq on $ext_if cbq bandwidth 1Mb queue { std, sistema, www_int, ssh, mail }
queue std bandwidth 4% cbq(default)
queue sistema bandwidth 51% priority 2 cbq(borrow red)
queue mail bandwidth 10% priority 0 cbq(borrow ecn)
queue ssh bandwidth 5% cbq(borrow)
queue www_int bandwidth 30% cbq(borrow)
altq on $int_if cbq bandwidth 1Mb queue { std_in, sistema_in, www_in,
ssh_in, mail_in }
queue std_in bandwidth 4% cbq (default)
queue sistema_in bandwidth 51% priority 2 cbq(borrow red)
queue mail_in bandwidth 10% priority 0 cbq(borrow ecn)
queue ssh_in bandwidth 5% cbq(borrow)
queue www_in bandwidth 30% cbq(borrow)
#pass return out on $ext_if inet all queue std
pass in on $ext_if inet proto tcp from any to any port {
25,80,443,8000,8080 } queue www_int keep state
pass in on $ext_if inet proto tcp from any to any port { 7777, 7778 }
queue sistema keep state
ATé ai tudo bem porém quando eu rodo o pfctl -sq -v ele nao montra
nenhum tipo de conexao realizado, por exemplo, na regra onde consta o
queue www_int, como mostra abaixo,
queue root_sis0 on sis0 bandwidth 1Mb priority 0 cbq( wrr root ) {std,
sistema, mail, ssh, www_int}
[ pkts: 3650 bytes: 407553 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 0 ]
queue std on sis0 bandwidth 40Kb cbq( default )
[ pkts: 3485 bytes: 379467 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 1 ]
queue sistema on sis0 bandwidth 510Kb priority 2 cbq( red borrow )
[ pkts: 165 bytes: 28086 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 0 ]
queue mail on sis0 bandwidth 100Kb priority 0 cbq( red ecn borrow )
[ pkts: 0 bytes: 0 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 0 ]
queue ssh on sis0 bandwidth 50Kb cbq( borrow )
[ pkts: 0 bytes: 0 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 0 ]
queue www_int on sis0 bandwidth 300Kb cbq( borrow )
[ pkts: 0 bytes: 0 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 0 ]
queue root_xl0 on xl0 bandwidth 1Mb priority 0 cbq( wrr root ) {std_in,
sistema_in, mail_in, ssh_in, www_in}
[ pkts: 22942 bytes: 2860974 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 0 ]
queue std_in on xl0 bandwidth 40Kb cbq( default )
[ pkts: 22942 bytes: 2860974 dropped pkts: 1250 bytes:
573720 ]
[ qlength: 13/ 50 borrows: 0 suspends: 345 ]
queue sistema_in on xl0 bandwidth 510Kb priority 2 cbq( red borrow )
[ pkts: 0 bytes: 0 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 0 ]
queue mail_in on xl0 bandwidth 100Kb priority 0 cbq( red ecn borrow )
[ pkts: 0 bytes: 0 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 0 ]
queue ssh_in on xl0 bandwidth 50Kb cbq( borrow )
[ pkts: 0 bytes: 0 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 0 ]
queue www_in on xl0 bandwidth 300Kb cbq( borrow )
[ pkts: 0 bytes: 0 dropped pkts: 0
bytes: 0 ]
[ qlength: 0/ 50 borrows: 0 suspends: 0 ]
por isso que estou achando que estou fazendo algo de errado na conf.
Mais detalhes sobre a lista de discussão freebsd