altq within anchor

Umar unix.co at gmail.com
Thu Oct 4 12:19:25 PDT 2007 

Dear members!

I want to include altq anchor within my pf.conf but i got error.

here is the altqrule file /home/anchor-altq

 altq on fxp0 bandwidth 100Mb cbq queue { default, ip4, ip5, ip6, ip7 }
 queue default bandwidth 90Mb cbq (default)
 queue ip bandwidth 90Kb
 queue ip5 bandwidth 90Kb
 queue ip6 bandwidth 90Kb
 queue ip7 bandwidth 90Kb
 anchor altqrules

here is my /etc/pf.conf file 

<-------snip-------->

int_if = "fxp0"
ext_if = "rl0"
lan_net = "192.168.1.0/24"

# Options: tune the behavior of pf, default values are given.
set timeout { interval 10, frag 30 }
set timeout { tcp.first 120, tcp.opening 30, tcp.established 86400 }
set timeout { tcp.closing 900, tcp.finwait 45, tcp.closed 90 }
set timeout { udp.first 60, udp.single 30, udp.multiple 60 }
set timeout { icmp.first 20, icmp.error 10 }
set timeout { other.first 60, other.single 30, other.multiple 60 }
set timeout { adaptive.start 0, adaptive.end 0 }
set limit { states 10000, frags 5000 }

set loginterface none
set optimization normal
set block-policy drop
set require-order yes
set fingerprints "/etc/pf.os"

# Normalization: reassemble fragments and resolve or reduce traffic
ambiguities.
scrub in all

# Bandwidth Shapping
anchor altqrules
load anchor altqrules from "/home/anchor-altq"

# Translation: specify how addresses are to be mapped or redirected.
nat on $ext_if from { $lan_net } to any -> ($ext_if)

pass in quick on lo0 all
pass in quick on $int_if from $lan_net to any keep state
pass out on $int_if from any to any keep state
pass out on $ext_if from any to any keep state

#  default deny
block in log on $ext_if

<-------snip-------->

but when i reload my pf i got the error

Reloading pf rules.
/etc/pf.conf:36: Rules must be in order: options, normalization, queueing,
translation, filtering
/etc/pf.conf:37: Rules must be in order: options, normalization, queueing,
translation, filtering
/etc/pf.conf:38: Rules must be in order: options, normalization, queueing,
translation, filtering
/etc/pf.conf:39: Rules must be in order: options, normalization, queueing,
translation, filtering


Please help what should i do?

Regards,

Umar Draz
-- 
View this message in context: http://www.nabble.com/altq-within-anchor-tf4570970.html#a13046989
Sent from the freebsd-pf mailing list archive at Nabble.com.

More information about the freebsd-pf mailing list