From: "andrei.manescu@clicknet.ro"
To: freebsd-pf@freebsd.org
Date: Mon, 02 Jul 2007 09:02:27 +0300
Subject: PF & altq benzedrine.cz prioritizing ACK packets

Hello everyone.

I've stumbled upon this article at http://www.benzedrine.cx/ackpri.html about prioritizing ACKs and the pass out/pass in rules are for packets with flags S/SA (SYN flag = set, ACK flag = unset, rest = ignored).

In the pf manual I found:

    pass in on fxp0 proto tcp from any to any port ssh flags S/SA

    The above rule passes TCP traffic with the SYN flag set while only looking at the SYN and ACK flags. A packet with the SYN and ECE flags would match the above rule while a packet with SYN and ACK or just ACK would not.

So now I wonder how does Daniel Hartmeier's rule prioritize ACK packets when these packets don't even match that rule?

That rule is only for packets that have SYN flag set, ACK flag unset and the rest of the flags set/unset.

I would appreciate an explanation. Thank you in advance.

Andrei.
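
The following is an added example, not part of the original message or of the linked article. It models the `flags S/SA` test quoted from the manual and, going beyond the quoted passage, the documented pf behaviour for stateful rules that name two queues: the rule is evaluated only for the packet that creates state, later packets of the connection match the state, and TCP ACKs with no payload go to the second queue. The function names, the queue names `q_def`/`q_pri` and the sample packets are constructed for illustration.

```python
# Added example: simplified model of pf's "flags <set>/<mask>" test and of
# queue selection for a stateful rule. All names and packets are constructed.
TCP_FLAGS = {"F": 0x01, "S": 0x02, "R": 0x04, "P": 0x08,
             "A": 0x10, "U": 0x20, "E": 0x40, "W": 0x80}

def bits(letters):
    """Convert pf flag letters such as 'SA' into a TCP flag bitmask."""
    value = 0
    for ch in letters:
        value |= TCP_FLAGS[ch]
    return value

def parse_flags_spec(spec):
    """Split 'S/SA' into (flags that must be set, flags that are examined)."""
    want, _, mask = spec.partition("/")
    return bits(want), bits(mask)

def rule_matches(spec, pkt_flags):
    """True when, among the examined flags, exactly the wanted ones are set."""
    want, mask = parse_flags_spec(spec)
    return (pkt_flags & mask) == want

def classify(packets, spec="S/SA", queues=("q_def", "q_pri")):
    """Assign each packet of ONE connection to a queue.

    Model assumptions: the rule keeps state, so it is evaluated only until a
    packet matches and creates state; later packets match the state entry,
    not the rule. With two queues named, an ACK with no payload is assigned
    to the second queue (the ToS lowdelay case is not modelled).
    """
    state, result = False, []
    for flags, payload_len in packets:
        if not state:
            if not rule_matches(spec, bits(flags)):
                result.append("no-match")
                continue
            state = True
        empty_ack = "A" in flags and payload_len == 0
        result.append(queues[1] if empty_ack else queues[0])
    return result

# Constructed connection: SYN, SYN+ACK, bare ACK, 512 bytes of data, bare ACK
SAMPLE = [("S", 0), ("SA", 0), ("A", 0), ("PA", 512), ("A", 0)]
```
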