Messages

Thanks for reply franco

It gets me thinking though.. instead of seperating the rule creation, how about making the option to add as part of the firewall rules, then handling that addition in a script?
So if the firewall rule has multiple ports, that is spanned into multiple limiter rules..
That would simplify the process somewhat... perhaps?

Exactly!
The concept of aliases is genius when making rules work.

It seems to me though, that not many people use traffic shaping any more.. Either it's too much hassle (of which OPN really hasn't helped it along) or not enough people know how much it helps make the internet connection work MUCH better for everyone behind the router/firewall..

Hi

I'm trying to move from pfSense to OpnSense, but apparently i'm using features that noone talks about in here..

So.. This is what i'm used to do when creating rules in pfSense:
- I create an alias, either host based or port based list.
- I create rules to reflect how i want to handle the traffic in relation to this alias list.
- I tag which queue and ackqueue i want this rule to point to.
The end result is that i configure the traffic shaper once, and update rules as necessary.

So far it seems i have to do this in OpnSense as following:
- I create rules for traffic, this supports using aliastables.
- I create traffic shaping Pipes and queues in the same way pfSense has their interface -> pipes
- I create one rule for each of the listings in the aliastable

This makes it both very much work as well as difficult to maintain.
Would it be possible to update this interface to handle aliases when generating rules? Or even better, connect the rule to the queues directly..?

Or is there something i simply misunderstand? Would love to get this working without spending hours adding rules to the traffic shaper.

My Setup:
Over the years i've gone from single wan <-> single lan to various multi wan <-> multi lan setups.
Right now i have single wan (2/3 vpn tunnels to route to) <-> multi vlan lan, and can use this with a 2 port physical setup. Having had speeds from 7/0,7 mbps adsl to 50/50 mbps 4G the need for priority based ruling of traffic is very much still needed.