Project

General

Profile

Actions

Bug #670

closed

Diffserv Code Point in firewall rule isn't match with the result of "pfctl-sr"

Added by Lulik Kurnianto over 14 years ago. Updated about 14 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Traffic Shaper (ALTQ)
Target version:
Start date:
06/17/2010
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.0
Affected Architecture:

Description

http://forum.pfsense.org/index.php/topic,26044.0.html

when I cretaed a rule with "Diffserv Code Point" like here :

/tmp/rules.debug
pass out quick on { re0 } proto tcp from any to 192.168.55.0/24 dscp af12 flags S/SA keep state queue (local) label "USER_RULE"

#pfctl -sr
pass out quick on re0 inet proto tcp from any to 192.168.55.0/24 flags S/SA dscp 0x30 keep state label "USER_RULE" queue local

dscp 0x30 is not true mapping of dscp af12 ,
Here are the mapping of dscp and TOS in hex and binnary format.
TOS hex binary DSCP hex binary Classid AFClass
40 0x28 00101000 10 0x0a 00001010 1:111 AF 11
48 0x30 00110000 12 0x0c 00001100 1:112 AF 12
56 0x38 00111000 14 0x0e 00001110 1:113 AF 13
72 0x48 01001000 18 0x12 00010010 1:121 AF 21
80 0x50 01010000 20 0x14 00010100 1:122 AF 22
88 0x58 01011000 22 0x16 00010110 1:123 AF 23
104 0x68 01101000 26 0x1a 00011010 1:131 AF 31
112 0x70 01110000 28 0x1c 00011100 1:132 AF 32
120 0x78 01111000 30 0x1e 00011110 1:133 AF 33
136 0x88 10001000 34 0x22 00100010 1:141 AF 41
144 0x90 10010000 36 0x24 00100100 1:142 AF 42
152 0x98 10011000 38 0x26 00100110 1:143 AF 43

Actions

Also available in: Atom PDF