forum.opennet.ru

Составление сообщения

Исходное сообщение

"pf+vlan+ALTQ"
Отправлено weldpua2008, 19-Апр-08 02:25

Поправил ошибку:
# cat /etc/pf.conf
vlan1="vlan1"
table <me>  {10.1.1.2}
table <vlan1> {10.12.1.0/24}
table <server> {10.1.1.1}
table <local> {10.13.1.0/24,10.14.1.0/24,10.15.1.0/24,10.16.1.0/24,10.17.1.0/24}
scrub in all
##Vlan1
  altq on $vlan1 bandwidth 20Mb cbq queue \
        { gre_vlan1, server_vlan1, local_vlan1, other_vlan1 }
  queue gre_vlan1 bandwidth 60% cbq(borrow red) { gre_vlan1_hi,gre_vlan1_lo }
    queue gre_vlan1_hi bandwidth 25% priority 7 cbq(borrow red)
    queue gre_vlan1_lo bandwidth 75% priority 7 cbq(borrow red)
  queue server_vlan1 bandwidth 30% cbq(borrow red)
  queue local_vlan1 bandwidth 8% cbq(borrow red)
  queue other_vlan1 bandwidth 2% cbq(default borrow red)
##
pass quick proto icmp all
pass in quick on lo0 all
pass quick proto tcp from any to any port = 22 keep state
##VLAN1
pass in quick proto tcp from <vlan1> to <server> port = 1723 keep state \
        queue gre_vlan1_hi
pass in quick on $vlan1 proto tcp from <vlan1> to any flags S/SA \
        keep state queue gre_vlan1_hi
pass in quick on $vlan1 proto gre from <vlan1> to <server> keep state \
         queue gre_vlan1_lo
pass in quick on $vlan1 from <vlan1> to <server> keep state \
        queue server_vlan1
pass in quick on $vlan1 from <vlan1> to <local> keep state \
        queue local_vlan1
pass in quick on $vlan1 from <local> to <vlan1> keep state \
        queue local_vlan1
pass in quick on $vlan1 from <vlan1> to any keep state \
        queue local_vlan1
##
block quick log all

Исходное сообщение
"pf+vlan+ALTQ" Отправлено weldpua2008, 19-Апр-08 02:25
Поправил ошибку: # cat /etc/pf.conf vlan1="vlan1" table <me> {10.1.1.2} table <vlan1> {10.12.1.0/24} table <server> {10.1.1.1} table <local> {10.13.1.0/24,10.14.1.0/24,10.15.1.0/24,10.16.1.0/24,10.17.1.0/24} scrub in all ##Vlan1 altq on $vlan1 bandwidth 20Mb cbq queue \ { gre_vlan1, server_vlan1, local_vlan1, other_vlan1 } queue gre_vlan1 bandwidth 60% cbq(borrow red) { gre_vlan1_hi,gre_vlan1_lo } queue gre_vlan1_hi bandwidth 25% priority 7 cbq(borrow red) queue gre_vlan1_lo bandwidth 75% priority 7 cbq(borrow red) queue server_vlan1 bandwidth 30% cbq(borrow red) queue local_vlan1 bandwidth 8% cbq(borrow red) queue other_vlan1 bandwidth 2% cbq(default borrow red) ## pass quick proto icmp all pass in quick on lo0 all pass quick proto tcp from any to any port = 22 keep state ##VLAN1 pass in quick proto tcp from <vlan1> to <server> port = 1723 keep state \ queue gre_vlan1_hi pass in quick on $vlan1 proto tcp from <vlan1> to any flags S/SA \ keep state queue gre_vlan1_hi pass in quick on $vlan1 proto gre from <vlan1> to <server> keep state \ queue gre_vlan1_lo pass in quick on $vlan1 from <vlan1> to <server> keep state \ queue server_vlan1 pass in quick on $vlan1 from <vlan1> to <local> keep state \ queue local_vlan1 pass in quick on $vlan1 from <local> to <vlan1> keep state \ queue local_vlan1 pass in quick on $vlan1 from <vlan1> to any keep state \ queue local_vlan1 ## block quick log all

Ваше сообщение

Имя*:

EMail:

Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email).
Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.

Заголовок*:

Сообщение*:

> Поправил ошибку:

> # cat /etc/pf.conf 
> vlan1="vlan1" 
> table <me>  {10.1.1.2} 
> table <vlan1> {10.12.1.0/24} 
> table <server> {10.1.1.1} 
> table <local> {10.13.1.0/24,10.14.1.0/24,10.15.1.0/24,10.16.1.0/24,10.17.1.0/24}

> scrub in all

> ##Vlan1 
>   altq on $vlan1 bandwidth 20Mb cbq queue \ 
>         { gre_vlan1, server_vlan1, local_vlan1, 
> other_vlan1 } 
>   queue gre_vlan1 bandwidth 60% cbq(borrow red) { gre_vlan1_hi,gre_vlan1_lo } 
>     queue gre_vlan1_hi bandwidth 25% priority 7 cbq(borrow red) 
 
>     queue gre_vlan1_lo bandwidth 75% priority 7 cbq(borrow red)

>   queue server_vlan1 bandwidth 30% cbq(borrow red) 
>   queue local_vlan1 bandwidth 8% cbq(borrow red) 
>   queue other_vlan1 bandwidth 2% cbq(default borrow red)

> ##

> pass quick proto icmp all 
> pass in quick on lo0 all 
> pass quick proto tcp from any to any port = 22 keep 
> state

> ##VLAN1

> pass in quick proto tcp from <vlan1> to <server> port = 1723 
> keep state \ 
>         queue gre_vlan1_hi 
> pass in quick on $vlan1 proto tcp from <vlan1> to any flags 
> S/SA \ 
>         keep state queue gre_vlan1_hi

> pass in quick on $vlan1 proto gre from <vlan1> to <server> keep 
> state \ 
>          queue gre_vlan1_lo

> pass in quick on $vlan1 from <vlan1> to <server> keep state \ 
 
>         queue server_vlan1

> pass in quick on $vlan1 from <vlan1> to <local> keep state \ 
 
>         queue local_vlan1

> pass in quick on $vlan1 from <local> to <vlan1> keep state \ 
 
>         queue local_vlan1

> pass in quick on $vlan1 from <vlan1> to any keep state \ 
 
>         queue local_vlan1 
> ##

> block quick log all

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру