I have this rule in my PF and its not working everything just gets thrown into the high queue and nothing touches the low queue
(this is from the output of pfctl -s rules) pass in on em0 inet proto tcp from any to 208.70.72.13 port = ssh flags S/SA modulate state (source-track rule, max-src-conn-rate 3/30, overload <ssh-attack>, src.track 30) queue(low, high) my ssh is being set with lowdelay (from tcpdump) 14:40:24.180347 13-72-70-208.uniplex.us.ssh > georgia.static.qwest.net.61282: P 5820:5984(164) ack 53 win 17520 (DF) [tos 0x10] and my ssh transfer is being tagged high throughput (from tcpdump) 14:43:53.936143 13-72-70-208.uniplex.us.ssh > georgia.static.qwest.net.2904: . 269868:271328(1460) ack 961 win 17520 (DF) [tos 0x8] any suggestions on what im doing wrong? thanks -- -Lawrence
