altq on $if_in cbq bandwidth 100Mb qlimit 50 queue { def_download }
queue def_download bandwidth 100% { 192.168.1.0_down, \
192.168.222.1_down, 192.168.222.2_down, 192.168.222.3_down, 192.168.222.4_down, 192.168.222.5_down, \
........... }
queue 192.168.1.0_down bandwidth 40Mb cbq(default red borrow)
queue 192.168.222.1_down bandwidth 1Mb cbq(ecn)
queue 192.168.222.2_down bandwidth 1Mb cbq(ecn)
queue 192.168.222.3_down bandwidth 1Mb cbq(ecn)
...............
altq on $if_out cbq bandwidth 100Mb qlimit 50 queue { def_upload }
queue def_upload bandwidth 100% { 192.168.1.0_up, \
192.168.222.1_up, 192.168.222.2_up, 192.168.222.3_up, 192.168.222.4_up, 192.168.222.5_up, \
........... }
queue 192.168.1.0_up bandwidth 60Mb cbq(default red borrow)
queue 192.168.222.1_up bandwidth 512Kb cbq(ecn)
queue 192.168.222.2_up bandwidth 512Kb cbq(ecn)
.............. ### NAT
nat-anchor "mpd-nat/*"
nat on $if_out from $our_network to any -> $if_out
#nat on $if_out from $if_in:network to any -> $if_out
#pass quick all
#pass all
block in all
pass out all
antispoof quick for { lo $if_out } inet
#ping $$ traceroute (razreshitb vxodashie na BCE !!!)
pass in proto icmp all
### EXT_IF_OUT
#anchor "ext_if-out/*"
#anchor "ng-in/*"
pass in quick on ng0 inet from 192.168.222.1 to any tag from_192.168.222.1 queue 192.168.222.1_down
pass out quick on sis0 inet tagged from_192.168.222.1 queue 192.168.222.1_up
Уже так делаю ну всеравно не шейпит ((((((( всю ширину канала забирает