Hello, in January I had an idea to shape download bandwidth, and I exchanged some emails with various developers (Mike Frantzen, for example).
People ask how to limit *download* bandwidth without dropping packets already passed via the pipe to the firewall itself. The point is limiting the data sent by the sender. I think we could take advantage of the existing feature that Daniel added to "prioritize ACKs", and work on those ACKs based on sequence numbers. These numbers are strictly related to the data received by the receiver, so acting on them we should be able to limit (reduce) the number of pps sent by the sender. So, in the end, dropping ACKs from the receiver instead of dropping data from the sender. This would happen locally without saturating the (expensive) pipe to the internet. How does it sound?
