On Sun, 06 Aug 2006 19:50:56 -0500, you wrote:
>Not to derail this excellent topic, but I have to ask why you use the
>LAN to do outgoing rules when using the WAN for both Incoming and
>Outgoing works just the same and little easier to keep track of mentally
>(Incoming = Anything from the WAN to my local IP && Outgoing = Anything
>from my local IP to the WAN) ? For my VoIP adapters, I use rules that
>allows their IP address (local LAN) highest priority on the outbound and
>inbound and don't worry about pipe size since I know they won't use more
>than 100 Kb/s per line at any time. I'm not trying to split hairs, but
>often I'll see in this mailing list to keep all your rules on the WAN
>side to make things easier and not worry about LAN side traffic shaping
>rules even though they can do the same thing.
I agree that it makes more sense or is at least more elegant to place all the
rules on the WAN interface but I was never able to get outgoing traffic shaping
to work when setup like that. Not being one to allow sense or elegance to hold
back a working configuration, one of the first things I tried after reading that
rules only affected packets incoming on an interface was to move my outgoing
traffic shaping rules to the LAN or OPT interface.
Maybe this issue only comes up if you are bridging interfaces?