* Damien Miller <[EMAIL PROTECTED]> [2007-07-08 10:49]:
> On Sat, 7 Jul 2007, Lawrence Horvath wrote:
>
> > Is there a way using pf to distinguish between ssh shell logins, and
> > scp file transfers?
>
> Not easily: ssh sets IPTOS_THROUGHPUT for non-interactive sessions,
> but does it after the TCP handshake. If you are assigning connections
> to queues statefully, this is too late, as the state would have already
> been created with the default TOS.
but that is what the two seperate queue assignments per state are for...
Packets can be assigned to queues based on filter rules by using the
queue keyword. Normally only one queue is specified; when a second one
is specified it will instead be used for packets which have a TOS of
lowdelay and for TCP ACKs with no data payload.
but I amsure you can read pf.conf.5 on your own machine :)
--
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
