186d7f5d3SJohn Marino# $OpenBSD: queue2,v 1.3 2005/07/02 16:21:00 joel Exp $ 286d7f5d3SJohn Marino# $DragonFly: src/share/examples/pf/queue2,v 1.1 2005/12/13 01:58:27 corecode Exp $ 386d7f5d3SJohn Marino# advanced queue example. 486d7f5d3SJohn Marino# give interactive ssh traffic priority over ssh bulk transfers (scp, sftp) 586d7f5d3SJohn Marino 686d7f5d3SJohn Marinoext_if="dc0" 786d7f5d3SJohn Marinodeveloperhosts="192.168.2.0/24" 886d7f5d3SJohn Marinoemployeehosts="192.168.0.0/23" 986d7f5d3SJohn Marino 1086d7f5d3SJohn Marinoaltq on $ext_if cbq bandwidth 5Mb queue { std, http, mail, ssh } 1186d7f5d3SJohn Marino 1286d7f5d3SJohn Marinoqueue std bandwidth 10% cbq(default) 1386d7f5d3SJohn Marinoqueue http bandwidth 60% priority 2 cbq(borrow red) { employees, developers } 1486d7f5d3SJohn Marinoqueue developers bandwidth 75% cbq(borrow) 1586d7f5d3SJohn Marinoqueue employees bandwidth 15% 1686d7f5d3SJohn Marinoqueue mail bandwidth 10% priority 0 cbq(borrow ecn) 1786d7f5d3SJohn Marinoqueue ssh bandwidth 20% cbq(borrow) { ssh_interactive, ssh_bulk } 1886d7f5d3SJohn Marinoqueue ssh_interactive bandwidth 25% priority 7 1986d7f5d3SJohn Marinoqueue ssh_bulk bandwidth 75% priority 0 2086d7f5d3SJohn Marino 2186d7f5d3SJohn Marinoblock return out on $ext_if inet all queue std 2286d7f5d3SJohn Marinopass out on $ext_if inet proto tcp from $developerhosts to any port 80 \ 2386d7f5d3SJohn Marino keep state queue developers 2486d7f5d3SJohn Marinopass out on $ext_if inet proto tcp from $employeehosts to any port 80 \ 2586d7f5d3SJohn Marino keep state queue employees 2686d7f5d3SJohn Marinopass out on $ext_if inet proto tcp from any to any port 22 \ 2786d7f5d3SJohn Marino keep state queue(ssh_bulk, ssh_interactive) 2886d7f5d3SJohn Marinopass out on $ext_if inet proto tcp from any to any port 25 \ 2986d7f5d3SJohn Marino keep state queue mail 30