-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > So now I wonder how does Daniel Hartmeier's rule prioritize ACKs > packets when these packets don't even match that rule ?? > That rule is only for packets that have SYN flag set, ACK flag unset > and the rest of the flags set/unset.
The rule specifies "keep state" so that PF will build a state table entry that follows the connection in both directions. The rule need only specify the start of the state (which is the packet with S/SA flags), and PF will notice and process all further packets in the connection matching any rules. The pf.conf(5) man page has this to say about the 'queue' modifier: queue <queue> | (<queue>, <queue>) Packets matching this rule will be assigned to the specified queue. If two queues are given, packets which have a tos of lowdelay and TCP ACKs with no data payload will be assigned to the second one. The article you referenced is using the second form of the queue modifier, giving a low-priority and high-priority queue. Thus as PF tracks the state of all packets within the connection, it also performs the queue assignment for each packet, as described. - -- David DeSimone == Network Admin == [EMAIL PROTECTED] "It took me fifteen years to discover that I had no talent for writing, but I couldn't give it up because by that time I was too famous. -- Robert Benchley -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFGiKijFSrKRjX5eCoRAk3qAJwKPkjS6ppovMElUy2eTeaq3XgAOQCgok7l ++8NqZ3FP+4rj3zHTUuZRDY= =/ZYs -----END PGP SIGNATURE----- _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"