I guess that’s a thought. I had been letting anything not in the super-restricted class use the default classifier, but I guess I could put anything not matching those into a new pair of classes.
Would I put the catch-all rules before or after the more restrictive ones?
IE: 192.168.13.0/24 might be my whole subnet, and 192.168.13.100-192.168.13.110 might be the restricted guys.
I used to use OpenBSD’s pf, so I’m wondering if this has rules working as “first match wins”, or as “last match wins”.
Thanks for the idea!
EDIT: Oh, I remembered another question I had after looking at this. Wouldn’t this prevent the “guarenteed bandwidth” feature from working properly?