Altq/Pf trouble on OpenBSD

Question

I'm having some trouble with pf/altq on OpenBSD but as I'm new to it I'm not sure if its because I'm misunderstanding how to use anchors, or if something is wrong with my system.

I'm trying to add altq rules to an anchor using pfctl, but pfctl keeps saying the device is busy when I try. If I use the same rules in pf.conf though it works fine:

root@openbsd:~# uname -a
OpenBSD openbsd.my.domain 5.2 GENERIC.MP#368 amd64

# ---- Show current pf.conf rules -----

root@openbsd:~# cat /etc/pf.conf                                                                                    
pass out on re0
pass in on re0
anchor tshaping

# ---- Try to load altq rules into the anchor -----

root@openbsd:~# echo -n "altq on re0 cbq bandwidth 10Mb queue { myqueue }\nqueue myqueue bandwidth 1Mb cbq(default)\n" | pfctl -a tshaping -f -
pfctl: DIOCADDALTQ: Device busy

# ---- Change the pf.conf to include the altq rules without an anchor -----

root@openbsd:~# cat /etc/pf.conf                                                                                                                
pass out on re0
pass in on re0
altq on re0 cbq bandwidth 10Mb queue { myqueue }
  queue myqueue bandwidth 1Mb cbq(default)

# ---- Load the new pf.conf rules -----

root@openbsd:~# pfctl -f /etc/pf.conf                           

# ---- The new rules load fine from the config file with no anchor -----

root@openbsd:~# pfctl -sa | grep queue
queue root_re0 on re0 bandwidth 10Mb priority 0 cbq( wrr root ) {myqueue}
queue  myqueue on re0 bandwidth 1Mb cbq( default )

score 3 · Accepted Answer · answered Mar 08 '13 at 10:25

According to http://lists.freebsd.org/pipermail/freebsd-pf/2008-October/004826.html you can't load queues into anchors as I'm trying to do.

You have to load the queue rules in to the main pf.conf file and load only the filter rules that assign traffic to the queue(s) into the anchor.

score 0 · Answer 2 · 2013-07-16T14:33:08.430

You can have more than one pf.conf files. Something like this:

/etc/pf.conf
/<whatever path>/tshaping.conf
/<whatever path>/other_rules.conf

and just run:

pfctl -f /etc/pf.conf
pfctl -f /<whatever path>/tshaping.conf
pfctl -f /<whatever path>/other_rules.conf

However, you can manipulate Tables on the fly by using pfctl(8).

So, you can do this: echo -n "altq on re0 cbq bandwidth 10Mb queue { myqueue }\nqueue myqueue bandwidth 1Mb cbq(default)\n" > /whatever path>/tshaping.conf; pfctl -f /<whatever path>/tshaping.conf

Altq/Pf trouble on OpenBSD

2 Answers2