/* $Id$ */
/*
traffic_shaper_wizard.xml
part of pfSense (http://www.pfsense.org/)
Copyright (C) 2005 Bill Marquette - bill.marquette@gmail.com.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
8
1
pfSense Traffic Shaper Wizard
true
This wizard will guide you through setting up the pfSense traffic shaper.
Next
submit
Going any further will wipe your existing shaper config!
/* wipe previous */
unset($config['shaper']['queue']);
unset($config['shaper']['rule']);
$config['shaper']['enable'] = FALSE;
2
pfSense Traffic Shaper Wizard
WAN connection speed - Please note that the wizard will automatically subtract 20% for the queues.
Download
The download speed of your WAN link in Kbits/second.
input
^[0-9]*$
Download speed must be numerical
Upload
The upload speed of your WAN link in Kbits/second.
input
^[0-9]*$
Upload speed must be numerical
Next
submit
/* XXX we need to bail and force the user to redo this step if the WAN speeds are 0 */
/* Magic shaper uses HFSC */
$config['system']['schedulertype'] = "hfsc";
/* Create queues */
/* WAN queues */
$queue = array();
$queue['name'] = "qWANRoot";
$queue['associatedrule'] = 0;
$queue['priority'] = 6;
$queue['parentqueue'] = "on";
$queue['bandwidth'] = (int)$_POST['upload'];
$queue['bandwidthtype'] = "Kb";
$config['shaper']['queue'][] = $queue;
$queue = array();
$queue['name'] = "qWANdef";
$queue['attachtoqueue'] = "qWANRoot";
$queue['associatedrule'] = 0;
$queue['defaultqueue'] = 'true';
$queue['priority'] = 3;
$queue['realtime'] = "on";
$queue['realtime1'] = "10%";
$queue['realtime2'] = "1";
$queue['realtime3'] = "10%";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$config['shaper']['queue'][] = $queue;
/* LAN queue */
$queue = array();
$queue['name'] = "qLANRoot";
$queue['associatedrule'] = 0;
$queue['priority'] = 6;
$queue['parentqueue'] = "on";
$queue['bandwidth'] = (int)$_POST['download'];
$queue['bandwidthtype'] = "Kb";
$config['shaper']['queue'][] = $queue;
$queue = array();
$queue['name'] = "qLANdef";
$queue['priority'] = 3;
$queue['attachtoqueue'] = "qLANRoot";
$queue['associatedrule'] = 0;
$queue['defaultqueue'] = 'true';
$queue['realtime'] = "on";
$queue['realtime1'] = "10%";
$queue['realtime2'] = "1";
$queue['realtime3'] = "10%";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$config['shaper']['queue'][] = $queue;
$queue = array();
$queue['name'] = "qLANacks";
$queue['ack'] = TRUE;
$queue['attachtoqueue'] = "qLANRoot";
$queue['associatedrule'] = 0;
$queue['priority'] = 7;
$queue['realtime'] = "on";
$queue['realtime1'] = "10%";
$queue['realtime2'] = "1";
$queue['realtime3'] = "10%";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$config['shaper']['queue'][] = $queue;
$queue = array();
$queue['name'] = "qWANacks";
$queue['ack'] = TRUE;
$queue['attachtoqueue'] = "qWANRoot";
$queue['associatedrule'] = 0;
$queue['priority'] = 7;
$queue['realtime'] = "on";
$queue['realtime1'] = "10%";
$queue['realtime2'] = "1";
$queue['realtime3'] = "10%";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$config['shaper']['queue'][] = $queue;
/* XXX create default rules here */
3
pfSense Traffic Shaper Wizard
Voice over IP
Enable
checkbox
Prioritize Voice over IP traffic
This will raise the priority of VOIP traffic above all other traffic.
Provider
select
Choose Generic if your provider isn't listed.
Bandwidth
select
Total bandwidth guarantee for VOIP phone(s)
128
Next
submit
if ( $_POST['enable'] ) {
/* create qVOIPUp */
$queue = array();
$queue['name'] = "qVOIPUp";
$queue['associatedrule'] = 0;
$queue['priority'] = 7;
$queue['ecn'] = "on";
$queue['realtime'] = "on";
$queue['realtime1'] = $_POST['bandwidth'] . "Kb";
$queue['realtime2'] = "1";
$queue['realtime3'] = $_POST['bandwidth'] . "Kb";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = $_POST['bandwidth'] . "Kb";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = $_POST['bandwidth'] . "Kb";
$queue['linkshare'] = "on";
$queue['linkshare1'] = $_POST['bandwidth'] . "Kb";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = $_POST['bandwidth'] . "Kb";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$queue['attachtoqueue'] = "qWANRoot";
$config['shaper']['queue'][] = $queue;
/* create qVOIPDown */
$queue = array();
$queue['name'] = "qVOIPDown";
$queue['associatedrule'] = 0;
$queue['priority'] = 7;
$queue['ecn'] = "on";
$queue['realtime'] = "on";
$queue['realtime1'] = $_POST['bandwidth'] . "Kb";
$queue['realtime2'] = "1";
$queue['realtime3'] = $_POST['bandwidth'] . "Kb";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = $_POST['bandwidth'] . "Kb";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = $_POST['bandwidth'] . "Kb";
$queue['linkshare'] = "on";
$queue['linkshare1'] = $_POST['bandwidth'] . "Kb";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = $_POST['bandwidth'] . "Kb";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$queue['attachtoqueue'] = "qLANRoot";
$config['shaper']['queue'][] = $queue;
if( $_POST['provider'] == "Generic") {
/* create VOIP rules */
$rule = array();
$rule['descr'] = "DiffServ/Lowdelay/Upload";
$rule['inqueue'] = "qVOIPDown";
$rule['outqueue'] = "qVOIPUp";
$rule['interface'] = "lan";
$rule['source']['network'] = 'lan';
$rule['destination']['any'] = TRUE;
$rule['iptos'] = "lowdelay";
$config['shaper']['rule'][] = $rule;
$rule = array();
$rule['descr'] = "DiffServ/Lowdelay/Download";
$rule['inqueue'] = "qVOIPUp";
$rule['outqueue'] = "qVOIPDown";
$rule['interface'] = "wan";
$rule['source']['any'] = TRUE;
$rule['destination']['network'] = 'lan';
$rule['iptos'] = "lowdelay";
$config['shaper']['rule'][] = $rule;
} else {
$voiplist = array();
/* setup vonage rule */
if( $_POST['provider'] == "Vonage")
$voiplist[] = array('Vonage','udp','5060','5069','both');
/* asterisk server / same as vonage somewhat */
if( $_POST['provider'] == "Asterisk") {
$voiplist[] = array('Asterisk','udp','5060','5069','both');
$voiplist[] = array('Asterisk','udp','10000','17226','both');
}
/* VoicePulse server */
if( $_POST['provider'] == "VoicePulse") {
$voiplist[] = array('VoicePulse','udp','16384','16482','both');
$voiplist[] = array('VoicePulse','udp','4569','4569','both');
}
/* Set up/down games as higher weight */
/* loop through voiplist[] */
foreach ($voiplist as $voip) {
foreach (array('source','destination') as $srcdest) {
$rule = array();
if ($srcdest == 'source') {
$destsrc = 'destination';
$rule['outqueue'] = 'qVOIPUp';
$rule['inqueue'] = 'qVOIPDown';
$rule['interface'] = 'lan';
$rule['source']['network'] = 'lan';
$rule['destination']['any'] = TRUE;
$rule['descr'] = "m_voip {$voip[0]} outbound";
} else {
$destsrc = 'source';
$rule['outqueue'] = 'qVOIPDown';
$rule['inqueue'] = 'qVOIPUp';
$rule['interface'] = 'wan';
$rule['source']['any'] = TRUE;
$rule['destination']['network'] = 'lan';
$rule['descr'] = "m_voip {$voip[0]} inbound";
}
$rule['destination']['port'] = $voip[2]."-".$voip[3];
if($voip[1] != '')
$rule['protocol'] = $voip[1];
$config['shaper']['rule'][] = $rule;
}
}
}
}
4
pfSense Traffic Shaper Wizard
Peer to Peer networking
true
true
Enable
checkbox
Prioritize Peer-to-Peer traffic
This will lower the priority of P2P traffic below all other traffic.
Aimster,BitTorrent,BuddyShare,CuteMX,DCplusplus,dcc,DirectConnect,DirectFileExpress,EDonkey2000,FastTrack,Gnutella,grouper,hotComm,HotlineConnect,iMesh,Napster,OpenNap,Scour,SongSpy,WinMX
Next
submit
Enable/Disable specific P2P protocols
listtopic
Aimster
checkbox
Aimster and other P2P using the Aimster protocol and ports
BitTorrent
checkbox
Bittorrent and other P2P using the Torrent protocol and ports
BuddyShare
checkbox
BuddyShare and other P2P using the BuddyShare protocol and ports
CuteMX
checkbox
CuteMX and other P2P using the CuteMX protocol and ports
DCplusplus
checkbox
DC++ and other P2P using the DC++ protocol and ports
DCC
checkbox
irc DCC file transfers
DirectConnect
checkbox
DirectConnect and other P2P using the DirectConnect protocol and ports
DirectFileExpress
checkbox
DirectFileExpress and other P2P using the DirectFileExpress protocol and ports
eDonkey2000
checkbox
eDonkey and other P2P using the eDonkey protocol and ports
FastTrack
checkbox
FastTrack and other P2P using the FastTrack protocol and ports
Gnutella
checkbox
Gnutella and other P2P using the Gnutella protocol and ports
grouper
checkbox
grouper and other P2P using the grouper protocol and ports
hotComm
checkbox
hotComm and other P2P using the hotComm protocol and ports
HotlineConnect
checkbox
HotlineConnect and other P2P using the HotlineConnect protocol and ports
iMesh
checkbox
iMest and other P2P using the iMest protocol and ports
Napster
checkbox
Napster and other P2P using the Napster protocol and ports
OpenNap
checkbox
OpenNap and other P2P using the OpenNap protocol and ports
Scour
checkbox
Scour and other P2P using the Scour protocol and ports
SongSpy
checkbox
SongSpy and other P2P using the SongSpy protocol and ports
WinMX
checkbox
WinMX and other P2P using the WinMX protocol and ports
Next
submit
/* XXX - billm - needs to actually honor what the user selects still */
if ( $_POST['enable'] ) {
$p2plist = array();
/* To add p2p clients, push Descr,Protocol,Start,End,src/dest/both onto p2plist */
if($_POST['aimster'] != "")
$p2plist[] = array('Aimster','tcp','7668','7668','both');
if($_POST['bittorrent'] != "")
$p2plist[] = array('BitTorrent','tcp','6881','6999','both');
if($_POST['buddyshare'] != "")
$p2plist[] = array('BuddyShare','tcp','7788','7788','both');
if($_POST['cutemx'] != "")
$p2plist[] = array('CuteMX','tcp','2340','2340','both');
if($_POST['dc++'] != "")
$p2plist[] = array('DC++','tcp','1412','1412','both');
if($_POST['dcc'] != "")
$p2plist[] = array('dcc','tcp','6666','6668','both');
if($_POST['directconnect'] != "")
$p2plist[] = array('DirectConnect','tcp','412','412','both');
if($_POST['directfileexpress'] != "")
$p2plist[] = array('DirectFileExpress','tcp','1044','1045','both');
if($_POST['edonkey2000'] != "")
$p2plist[] = array('EDonkey2000','tcp','4661','4665','both');
if($_POST['fastTrack'] != "")
$p2plist[] = array('FastTrack','tcp','1214','1214','both');
if($_POST['gnutella'] != "")
$p2plist[] = array('Gnutella','tcp','6346','6346','both');
if($_POST['grouper'] != "")
$p2plist[] = array('grouper','tcp','8038','8039','both');
if($_POST['hotcomm'] != "")
$p2plist[] = array('hotComm','tcp','28864','28865','both');
if($_POST['hotlineconnect'] != "")
$p2plist[] = array('HotlineConnect','tcp','5500','5503','both');
if($_POST['imesh'] != "")
$p2plist[] = array('iMesh','tcp','4329','4329','both');
if($_POST['napster'] != "")
$p2plist[] = array('Napster','tcp','6699','6701','both');
if($_POST['opennap'] != "")
$p2plist[] = array('OpenNap','tcp','8888','8889','both');
if($_POST['scour'] != "")
$p2plist[] = array('Scour','tcp','8311','8311','both');
if($_POST['songspy'] != "")
$p2plist[] = array('SongSpy','tcp','5190','5190','both');
if($_POST['winmx'] != "")
$p2plist[] = array('WinMX','tcp','6699','6699','both');
/* Set up/down p2p as lowest weight */
/* loop through p2plist[] */
foreach ($p2plist as $p2pclient) {
foreach (array('source','destination') as $srcdest) {
$rule = array();
if ($srcdest == 'source') {
$destsrc = 'destination';
$rule['outqueue'] = 'qP2PUp';
$rule['inqueue'] = 'qP2PDown';
$rule['interface'] = 'lan';
$rule['source']['network'] = 'lan';
$rule['destination']['any'] = TRUE;
$rule['descr'] = "m_P2P {$p2pclient[0]} outbound";
} else {
$destsrc = 'source';
$rule['outqueue'] = 'qP2PDown';
$rule['inqueue'] = 'qP2PUp';
$rule['interface'] = 'wan';
$rule['source']['any'] = TRUE;
$rule['destination']['network'] = 'lan';
$rule['descr'] = "m_P2P {$p2pclient[0]} inbound";
}
$rule['destination']['port'] = $p2pclient[2]."-".$p2pclient[3];
if($p2pclient[1] != '')
$rule['protocol'] = $p2pclient[1];
$config['shaper']['rule'][] = $rule;
}
}
/* create qP2PUp */
$queue = array();
$queue['name'] = "qP2PUp";
$queue['associatedrule'] = 0;
$queue['priority'] = 0;
$queue['red'] = "on";
$queue['ecn'] = "on";
$queue['realtime'] = "on";
$queue['realtime1'] = "1Kb";
$queue['realtime2'] = "1";
$queue['realtime3'] = "1Kb";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "0%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "0%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$queue['attachtoqueue'] = "qWANRoot";
$config['shaper']['queue'][] = $queue;
/* create qP2PDown */
$queue = array();
$queue['name'] = "qP2PDown";
$queue['associatedrule'] = 0;
$queue['priority'] = 1;
$queue['red'] = "on";
$queue['ecn'] = "on";
$queue['realtime'] = "on";
$queue['realtime1'] = "1Kb";
$queue['realtime2'] = "1";
$queue['realtime3'] = "1Kb";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$queue['attachtoqueue'] = "qLANRoot";
$config['shaper']['queue'][] = $queue;
}
5
pfSense Traffic Shaper Wizard
true
Network Games
Enable
checkbox
Prioritize network gaming traffic
This will raise the priority of gaming traffic to higher than most traffic.
Counterstrike,DeltaForce,QuakeIII,TigerWoods2004PS2,CallOfDuty,PlanetSide
true
Enable/Disable specific P2P protocols
listtopic
Counterstrike
checkbox
Counterstrike. The ultimate 1st person shooter.
DeltaForce
checkbox
Delta Force
QuakeIII
checkbox
Quake III
TigerWoods2004PS2
checkbox
Tiger Woods 2004 for PS2
CallOfDuty
checkbox
Call Of Duty (United Offensive)
PlanetSide
checkbox
PlanetSide
Next
submit
/* XXX - billm - needs to actually honor what the user selects still */
if ( $_POST['enable'] ) {
/* create qGamesUp queue */
$queue = array();
$queue['name'] = "qGamesUp";
$queue['associatedrule'] = 0;
$queue['priority'] = 5;
$queue['red'] = "on";
$queue['ecn'] = "on";
$queue['realtime'] = "on";
$queue['realtime1'] = "1Kb";
$queue['realtime2'] = "1";
$queue['realtime3'] = "1Kb";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$queue['attachtoqueue'] = "qWANRoot";
$config['shaper']['queue'][] = $queue;
/* create qGamesDown queue */
$queue = array();
$queue['name'] = "qGamesDown";
$queue['associatedrule'] = 0;
$queue['priority'] = 5;
$queue['red'] = "on";
$queue['ecn'] = "on";
$queue['realtime'] = "on";
$queue['realtime1'] = "1Kb";
$queue['realtime2'] = "1";
$queue['realtime3'] = "1Kb";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$queue['attachtoqueue'] = "qLANRoot";
$config['shaper']['queue'][] = $queue;
$gamesplist = array();
if($_POST['counterstrike'] != "") {
/* counter strike */
$gamesplist[] = array('Titan','udp','6003','6003','both');
$gamesplist[] = array('Authentication','udp','7002','7002','both');
$gamesplist[] = array('Client','udp','6003','6003','both');
$gamesplist[] = array('Masterserver','udp','27010','27010','both');
$gamesplist[] = array('Mod-Server','udp','27011','27011','both');
$gamesplist[] = array('Chat','udp','27012','27012','both');
$gamesplist[] = array('HL-Serverport ','udp','27015','27015','both');
}
if($_POST['deltaforce'] != "") {
/* delta force */
$gamesplist[] = array('Delta1','udp','17478','17488','both');
}
if($_POST['quakeiii'] != "") {
/* quake3 */
$gamesplist[] = array('Delta1','udp','27910','27919','both');
}
if($_POST['tigerwoods2004ps2'] != "") {
/* tiger woods 2004 ps2 */
$gamesplist[] = array('Outbound2Player','udp','3658','3658','both');
$gamesplist[] = array('Outbound2Player2','udp','6000','6000','both');
$gamesplist[] = array('Outbound2EA','tcp','10300','10301','both');
}
if($_POST['callofduty'] != "") {
/* Call of Duty (United Offensive) */
$gamesplist[] = array('CallOfDuty1','tcp','28960','28960','both');
$gamesplist[] = array('CallOfDuty2','udp','28960','28960','both');
}
if($_POST['planetside'] != "") {
/* PlanetSide */
$gamesplist[] = array('PlanetSide','tcp','7000','7000','both');
$gamesplist[] = array('PlanetSide','tcp','7080','7080','both');
$gamesplist[] = array('PlanetSide2','udp','3016','3021','both');
$gamesplist[] = array('PlanetSide2','udp','45000','45010','both');
$gamesplist[] = array('PlanetSide2','udp','30000','30500','both');
}
/* XXX: add some more games before this line!! */
/* Set up/down games as higher weight */
/* loop through p2plist[] */
foreach ($gamesplist as $Gameclient) {
foreach (array('source','destination') as $srcdest) {
$rule = array();
if ($srcdest == 'source') {
$destsrc = 'destination';
$rule['outqueue'] = 'qGamesUp';
$rule['inqueue'] = 'qGamesDown';
$rule['interface'] = 'lan';
$rule['source']['network'] = 'lan';
$rule['destination']['any'] = TRUE;
$rule['descr'] = "m_Game {$Gameclient[0]} outbound";
} else {
$destsrc = 'source';
$rule['outqueue'] = 'qGamesDown';
$rule['inqueue'] = 'qGamesUp';
$rule['interface'] = 'wan';
$rule['source']['any'] = TRUE;
$rule['destination']['network'] = 'lan';
$rule['descr'] = "m_Game {$Gameclient[0]} inbound";
}
$rule['destination']['port'] = $Gameclient[2]."-".$Gameclient[3];
if($Gameclient[1] != '')
$rule['protocol'] = $Gameclient[1];
$config['shaper']['rule'][] = $rule;
}
}
}
6
pfSense Traffic Shaper Wizard
true
Raise Other Applications
Enable
checkbox
Other networking protocols
This will help raise the priority of other protocols higher than most traffic.
MSRDP,PPTP,IPSEC,StreamingMP3,IRC,DNS,HTTP,SSH,SMTP,POP3,ICMP
true
Enable/Disable other protocols
listtopic
MSRDP
checkbox
Microsoft Remote Desktop Protocol
PPTP
checkbox
Microsoft Point to Point tunneling protocol
IPSEC
checkbox
IPSEC VPN traffic
StreamingMP3
checkbox
Streaming Media
IRC
checkbox
Internet Relay Chat
DNS
checkbox
Domain Name Services
HTTP
checkbox
HTTP and HTTPS aka Web Traffic
SSH
checkbox
Secure shell protocol
SMTP
checkbox
Mail Protocol
POP3
checkbox
POP3 Protocol
ICMP
checkbox
ICMP Protocol
Next
submit
if ( $_POST['enable'] ) {
/* create qOthersUp queue */
$queue = array();
$queue['name'] = "qOthersUp";
$queue['associatedrule'] = 0;
$queue['priority'] = 4;
$queue['red'] = "on";
$queue['ecn'] = "on";
$queue['realtime'] = "on";
$queue['realtime1'] = "1Kb";
$queue['realtime2'] = "1";
$queue['realtime3'] = "1Kb";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$queue['attachtoqueue'] = "qWANRoot";
$config['shaper']['queue'][] = $queue;
/* create qOthersDown queue */
$queue = array();
$queue['name'] = "qOthersDown";
$queue['associatedrule'] = 0;
$queue['priority'] = 4;
$queue['red'] = "on";
$queue['ecn'] = "on";
$queue['realtime'] = "on";
$queue['realtime1'] = "1Kb";
$queue['realtime2'] = "1";
$queue['realtime3'] = "1Kb";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$queue['attachtoqueue'] = "qLANRoot";
$config['shaper']['queue'][] = $queue;
$othersplist = array();
if($_POST['msrdp'] != "") {
/* MSRDP */
$othersplist[] = array('MSRDP','tcp','3389','3389','both');
}
if($_POST['pptp'] != "") {
/* PPTP */
$othersplist[] = array('PPTP','tcp','1723','1723','both');
$othersplist[] = array('PPTPGRE','gre','','','both');
}
if($_POST['ipsec'] != "") {
/* IPSEC */
$othersplist[] = array('IPSEC','udp','500','500','both');
$othersplist[] = array('IPSEC','ah','','','both');
$othersplist[] = array('IPSEC','esp','','','both');
}
if($_POST['streamingmp3'] != "") {
/* streaming mp3 media aka shoutcast */
$othersplist[] = array('STREAMINGMP3','tcp','8000','8010','both');
}
if($_POST['irc'] != "") {
/* internet relay chat */
$othersplist[] = array('IRC','tcp','6667','6670','both');
}
if($_POST['dns'] != "") {
/* domain name system */
$othersplist[] = array('DNS1','tcp','53','53','both');
$othersplist[] = array('DNS2','udp','53','53','both');
}
if($_POST['http'] != "") {
/* HTTP aka Web Traffic */
$othersplist[] = array('HTTP','tcp','80','80','both');
$othersplist[] = array('HTTPS','tcp','443','443','both');
}
if($_POST['ssh'] != "") {
/* Secure shell traffic */
$othersplist[] = array('SSH','tcp','22','22','both');
}
if($_POST['smtp'] != "") {
/* Secure shell traffic */
$othersplist[] = array('SMTP','tcp','25','25','both');
}
if($_POST['pop3'] != "") {
/* Post Office Protocol - POP3 */
$othersplist[] = array('POP3','tcp','110','110','both');
}
if($_POST['icmp'] != "") {
/* ICMP */
$othersplist[] = array('ICMP','icmp','','','both');
}
/* XXX: add some more protocols here! */
/* Set up/down protocols as higher weight */
/* loop through othersplist[] */
foreach ($othersplist as $otherclient) {
foreach (array('source','destination') as $srcdest) {
$rule = array();
if ($srcdest == 'source') {
$destsrc = 'destination';
$rule['outqueue'] = 'qOthersUp';
$rule['inqueue'] = 'qOthersDown';
$rule['interface'] = 'lan';
$rule['source']['network'] = 'lan';
$rule['destination']['any'] = TRUE;
$rule['descr'] = "m_Other {$otherclient[0]} outbound";
} else {
$destsrc = 'source';
$rule['outqueue'] = 'qOthersDown';
$rule['inqueue'] = 'qOthersUp';
$rule['interface'] = 'wan';
$rule['source']['any'] = TRUE;
$rule['destination']['network'] = 'lan';
$rule['descr'] = "m_Other {$otherclient[0]} inbound";
}
$rule['destination']['port'] = $otherclient[2]."-".$otherclient[3];
if($otherclient[1] != '')
$rule['protocol'] = $otherclient[1];
$config['shaper']['rule'][] = $rule;
}
}
}
7
pfSense Traffic Shaper Wizard
true
Lower Other Applications
Enable
checkbox
Other networking protocols
This will help lower the priority of other protocols lower than most traffic.
MSRDP,PPTP,IPSEC,StreamingMP3,IRC,DNS,HTTP,SSH,SMTP,POP3,ICMP
true
Enable/Disable other protocols
listtopic
MSRDP
checkbox
Microsoft Remote Desktop Protocol
PPTP
checkbox
Microsoft Point to Point tunneling protocol
IPSEC
checkbox
IPSEC VPN traffic
StreamingMP3
checkbox
Streaming Media
IRC
checkbox
Internet Relay Chat
DNS
checkbox
Domain Name Services
HTTP
checkbox
HTTP and HTTPS aka Web Traffic
SSH
checkbox
Secure shell protocol
SMTP
checkbox
Mail Protocol
POP3
checkbox
POP3 Protocol
ICMP
checkbox
ICMP Protocol
Next
submit
if ( $_POST['enable'] ) {
/* create qOthersUp queue */
$queue = array();
$queue['name'] = "qOthersUpL";
$queue['associatedrule'] = 0;
$queue['priority'] = 1;
$queue['red'] = "on";
$queue['ecn'] = "on";
$queue['realtime'] = "on";
$queue['realtime1'] = "1Kb";
$queue['realtime2'] = "1";
$queue['realtime3'] = "1Kb";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$queue['attachtoqueue'] = "qWANRoot";
$config['shaper']['queue'][] = $queue;
/* create qOthersDown queue */
$queue = array();
$queue['name'] = "qOthersDownL";
$queue['associatedrule'] = 0;
$queue['priority'] = 1;
$queue['red'] = "on";
$queue['ecn'] = "on";
$queue['realtime'] = "on";
$queue['realtime1'] = "1Kb";
$queue['realtime2'] = "1";
$queue['realtime3'] = "1Kb";
$queue['upperlimit'] = "on";
$queue['upperlimit1'] = "90%";
$queue['upperlimit2'] = "1";
$queue['upperlimit3'] = "90%";
$queue['linkshare'] = "on";
$queue['linkshare1'] = "1%";
$queue['linkshare2'] = "1";
$queue['linkshare3'] = "1%";
$queue['bandwidth'] = "0";
$queue['bandwidthtype'] = "Kb";
$queue['attachtoqueue'] = "qLANRoot";
$config['shaper']['queue'][] = $queue;
$othersplist = array();
if($_POST['msrdp'] != "") {
/* MSRDP */
$othersplist[] = array('MSRDP','tcp','3389','3389','both');
}
if($_POST['pptp'] != "") {
/* PPTP */
$othersplist[] = array('PPTP','tcp','1723','1723','both');
$othersplist[] = array('PPTPGRE','gre','','','both');
}
if($_POST['ipsec'] != "") {
/* IPSEC */
$othersplist[] = array('IPSEC','udp','500','500','both');
$othersplist[] = array('IPSEC','ah','','','both');
$othersplist[] = array('IPSEC','esp','','','both');
}
if($_POST['streamingmp3'] != "") {
/* streaming mp3 media aka shoutcast */
$othersplist[] = array('STREAMINGMP3','tcp','8000','8010','both');
}
if($_POST['irc'] != "") {
/* internet relay chat */
$othersplist[] = array('IRC','tcp','6667','6670','both');
}
if($_POST['dns'] != "") {
/* domain name system */
$othersplist[] = array('DNS1','tcp','53','53','both');
$othersplist[] = array('DNS2','udp','53','53','both');
}
if($_POST['http'] != "") {
/* HTTP aka Web Traffic */
$othersplist[] = array('HTTP','tcp','80','80','both');
$othersplist[] = array('HTTPS','tcp','443','443','both');
}
if($_POST['ssh'] != "") {
/* Secure shell traffic */
$othersplist[] = array('SSH','tcp','22','22','both');
}
if($_POST['smtp'] != "") {
/* Secure shell traffic */
$othersplist[] = array('SMTP','tcp','25','25','both');
}
if($_POST['pop3'] != "") {
/* Post Office Protocol - POP3 */
$othersplist[] = array('POP3','tcp','110','110','both');
}
if($_POST['icmp'] != "") {
/* ICMP */
$othersplist[] = array('ICMP','icmp','','','both');
}
/* XXX: add some more protocols here! */
/* Set up/down protocols as higher weight */
/* loop through othersplist[] */
foreach ($othersplist as $otherclient) {
foreach (array('source','destination') as $srcdest) {
$rule = array();
if ($srcdest == 'source') {
$destsrc = 'destination';
$rule['outqueue'] = 'qOthersUpL';
$rule['inqueue'] = 'qOthersDownL';
$rule['interface'] = 'lan';
$rule['source']['network'] = 'lan';
$rule['destination']['any'] = TRUE;
$rule['descr'] = "m_Other {$otherclient[0]} outbound";
} else {
$destsrc = 'source';
$rule['outqueue'] = 'qOthersDownL';
$rule['inqueue'] = 'qOthersUpL';
$rule['interface'] = 'wan';
$rule['source']['any'] = TRUE;
$rule['destination']['network'] = 'lan';
$rule['descr'] = "m_Other {$otherclient[0]} inbound";
}
$rule['destination']['port'] = $otherclient[2]."-".$otherclient[3];
if($otherclient[1] != '')
$rule['protocol'] = $otherclient[1];
$config['shaper']['rule'][] = $rule;
}
}
}
8
pfSense Traffic Shaper Wizard
After pressing Finish the system will load the new profile.
Finish
submit
$config['shaper']['enable'] = TRUE;
filter_configure();
header("Location: /");