9d7ccc0ffa
- Add OpenBSD example rulesets as advertised in etc/pf.conf and pf.conf(5) - Tweak the pointer to fit the FreeBSD default location share/examples/pf - Account for the new directory in BSD.usr.dist (no hier(7) change required as share/examples is an opaque item there). Obtained from: OpenBSD Reminded by: Thomas T. Veldhouse PR: docs/71691 MFC after: 2 days
24 lines
917 B
Plaintext
24 lines
917 B
Plaintext
# $FreeBSD$
|
|
# $OpenBSD: queue1,v 1.3 2003/01/20 16:14:23 henning Exp $
|
|
|
|
ext_if = "dc0"
|
|
|
|
altq on $ext_if cbq bandwidth 10Mb \
|
|
queue { deflt, http, ssh, mail, rsets }
|
|
queue deflt bandwidth 10% priority 0 cbq(default ecn)
|
|
queue http bandwidth 1.5Mb priority 3 { http_vhosts, http_cust1 }
|
|
queue http_vhosts bandwidth 40% cbq(borrow red)
|
|
queue http_cust1 bandwidth 0.5Mb
|
|
queue mail bandwidth 10% priority 1
|
|
queue ssh bandwidth 100Kb priority 7 cbq(borrow)
|
|
queue rsets bandwidth 7500b priority 0 cbq(red)
|
|
|
|
block return in on $ext_if inet all queue rsets
|
|
pass in on $ext_if inet proto tcp from any to any port 80 keep state queue http
|
|
pass out on $ext_if inet proto tcp from any to any port 22 keep state queue ssh
|
|
pass in on $ext_if inet proto tcp from any to any port 22 keep state queue ssh
|
|
pass out on $ext_if inet proto tcp from any to any port 25 keep state queue mail
|
|
pass out on $ext_if inet all keep state
|
|
|
|
|