
Re: altq + NAT'd udp packets

On Thursday, Jan 29, 2004, at 19:30 US/Pacific, Andre LaBranche wrote:

I am seeing some odd behavior and I'm not sure what the cause is. I'm using altq / pf in obsd 3.4 to do transparent traffic shaping between my LAN and dsl connection. I'm also using the openbsd machine to do NAT for the few workstations that don't have public IPs.

For some reason, all traffic to and from NAT'd machines falls into the default inbound / outbound queues. Most of the rules use "any" as the source and destination, since my goal is to do shaping for various services equally through my network... so I don't see what difference it would make if the host in question has a private or public IP. Does it matter which interface I do NAT on? Currently I'm doing it on the internal one... I'm not really sure what to try next. Any ideas?

I don't have any specific comments on the ruleset, but you can add log to the rules and tcpdump -eni pflog0 to see which rules are matching. Use pfctl -vvsr to get the rule numbers.
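
Added example, not part of the original post or reply: a shell function that tallies `tcpdump -eni pflog0` output per rule number, interface, direction and source address, so the counts can be set against the rule numbers shown by `pfctl -vvsr`. The sample lines, interface names and addresses are constructed, and the line layout is an assumption about tcpdump's pflog output; the parser accepts both `rule 3/0(match):` and `rule 3/(match)`.

```shell
#!/bin/sh
# Tally pflog matches so it is obvious which rule (and hence which queue
# assignment) each source address is actually hitting.
# On the firewall, something like:  tcpdump -c 200 -eni pflog0 | pflog_rule_tally
# Only rules carrying the "log" keyword show up on pflog0.

pflog_rule_tally() {
    awk '
    {
        # Locate the "rule" keyword; the timestamp in front of it varies.
        for (i = 1; i <= NF; i++) if ($i == "rule") break
        if (i + 6 > NF) next                  # not a pflog match line
        split($(i + 1), r, "/")               # "3/0(match):" -> "3"
        if (r[1] !~ /^[0-9]+$/ || $(i + 4) != "on") next
        iface = $(i + 5); sub(/:$/, "", iface)
        src = $(i + 6)
        # addr.port has five dot-separated parts; strip the port if present
        if (split(src, p, "[.]") == 5) sub(/[.][0-9]+$/, "", src)
        n[r[1] " " $(i + 2) " " $(i + 3) " " iface " " src]++
    }
    # Output: count, "rule", rule number, action, direction, interface, source
    END { for (k in n) print n[k], "rule", k }
    ' | LC_ALL=C sort -k3,3n -k6,7
}

# Constructed sample input (not captured from a real system).
sample_pflog() {
    cat <<'EOF'
tcpdump: listening on pflog0
Jan 29 19:41:02.100001 rule 3/0(match): pass out on fxp0: 192.168.1.10.40001 > 198.51.100.7.53: udp 32
Jan 29 19:41:02.200002 rule 7/0(match): pass out on fxp0: 203.0.113.5.40002 > 198.51.100.7.53: udp 32
Jan 29 19:41:03.300003 rule 3/0(match): pass out on fxp0: 192.168.1.10.40003 > 198.51.100.9.5060: udp 200
Jan 29 19:41:04.400004 rule 3/(match) pass in on fxp1: 192.168.1.11.40004 > 198.51.100.7.53: udp 32
EOF
}

sample_pflog | pflog_rule_tally
```

The rule number in the third column corresponds to the `@N` prefix in `pfctl -vvsr` output, which is where the matching rule's queue assignment can be read off.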