Brad Waite wrote: > Read through http://www.benzedrine.cx/ackpri.html which makes perfect > sense (for the most part). What I'm getting hung up on is the use of > the TCP flags in the filtering: > > pass out on $ext_if proto tcp from $ext_if to any flags S/SA \ > keep state queue (q_def, q_pri) > > > From what the pf.conf(5) man page says, "flags S/SA" will never > > match an > ACK. If that's the case, then packets will only be assigned to queue > q_pri when they have a TOS of lowdelay, since those and empty ACKs > are the only things assigned to the second queue. > > Both this page and the FAQ examples indicate that the above rule will > assign ACKs to the higher priority queue, but I can't see how. > > Would someone please enlighten me?
As I understand it, this rule will only apply to the initial connection. Once the connection is established, the connection will no longer be managed by the rule and will be handed off to the state table which will apply to all traffic that matches the state along with the associated queues.
