diff options
Diffstat (limited to 'regress/sbin/pfctl/pf35.in')
| -rw-r--r-- | regress/sbin/pfctl/pf35.in | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/regress/sbin/pfctl/pf35.in b/regress/sbin/pfctl/pf35.in new file mode 100644 index 00000000000..a85b2573ab8 --- /dev/null +++ b/regress/sbin/pfctl/pf35.in @@ -0,0 +1,30 @@ +#test matching on tos; test queue rules which specify qlimit, test altq rule +#with tbrsize specification, test queue rules which do not specify bandwidth, +#test queue rule which doesn't specify anything + +intf = "lo0" +developerhosts="10.0.0.0/24" +employeehosts="10.0.1.0/24" + +altq on $intf scheduler cbq(ecn) bandwidth 10Mb tbrsize 5000 \ + queue { std, http, mail, ssh } + +queue std bandwidth 10% qlimit 1 cbq(default) +queue http bandwidth 60% priority 2 cbq(borrow red) { employees, developers } +queue developers +queue employees bandwidth 10% +queue mail bandwidth 10% priority 0 cbq(borrow ecn) +queue ssh bandwidth 20% cbq(borrow) { ssh_interactive, ssh_bulk } +queue ssh_interactive priority 7 +queue ssh_bulk priority 0 qlimit 60 + +block return out on $intf inet all queue std +pass out on $intf inet proto tcp from $developerhosts to any port 80 keep state \ + queue developers +pass out on $intf inet proto tcp from $employeehosts to any port 80 keep state \ + queue employees +pass out on $intf inet proto tcp from any to any port 22 tos 0x10 \ + keep state queue ssh_interactive #priority for interactive sessions +pass out on $intf inet proto tcp from any to any port 22 tos 0x08 \ + keep state queue ssh_bulk #less priority for scp/sftp/... +pass out on $intf inet proto tcp from any to any port 25 keep state queue mail |