On 5 Mar 2004 10:33:44 -0800, [EMAIL PROTECTED] (Ray) wrote: >On Fri, Mar 05, 2004 at 10:07:23AM +0000, Greg Hennessy wrote: >> You dont need to use synproxy on tcp traffic initiated from your LAN. > >This is just me trying to obfuscate the outgoing traffic as much >as possible.
Scrub will do that for you. > >> Also I've found that using synproxy on incoming p2p connections will dump >> the traffic into the default queue rather than one I want. This methinks is >> due to the firewall doing the 3 way handshake rather than the actual >> endpoint. > >I used to use modulate state, but then switched to synproxy for the >above reason. Unless you're using something with really crap ISN generation, there isnt much point really. >but this problem has been present before I recently >switched to synproxy. > I found both PRIQ and CBQ to be far less effective than HFSC in shaping p2p traffic. greg -- You do a lot less thundering in the pulpit against the Harlot after she marches right down the aisle and kicks you in the nuts.
