On Tuesday, Jun 24, 2003, at 13:38 US/Pacific, Jonathan Kennedy wrote:
I'm having a different problem now though. When I initiate an ssh
connection from the internet->gateway, pfctl -v -v -s queue shows
that a few packets are going into the ext_ssh queue when the connection
is first established. After that, there are no other packets going into
ext_ssh as I enter commands. I am expecting packets going out from the
server, such as the response to an 'ls' command, would be queued in
ext_ssh as per this rule:
pass in on xl0 inet proto tcp from 66.45.X.X/32 to any port 22 \
flags S/SA keep state queue (ext_ssh, ext_pri)
OpenBSD's ssh uses the old IPv4 TOS field, and sets it to "lowdelay"
for interactive sessions. It only decides they're interactive after
the initial connection setup and login. pf uses the priority queue
for tos-lowdelay packets.
