GCD technology...
Hi, folk. Why are not used is available GCD technology in the ports, where it can be used? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
freebsd internal
to whom it may concernim going to make a freebsd such that it can act as a web url filtering gateway but i dont want use tools such as dansguardian or squidguard or ... tools that use proxy to implement url web filtering , also dont want to use firewall package in freebsd such as pf , i want to write a program such as pf but such that can filter based on layer 7 information but independent of other package even if needed change kernel , ... so can you please help me a little ? best regards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: GCD technology...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 20/06/2010 09:44:34, Ivan Klymenko wrote: Why are not used is available GCD technology in the ports, where it can be used? Do you mean Grand Central Dispatch? As described here: http://wiki.freebsd.org/GCD It's not generally used in the ports because it isn't supported in any released version yet -- the up and coming 8.1-RELEASE will be the first to have it. It's also still considered experimental. Additionally, the userland bits need to be compiled with llvm/clang to support a major chunk of useful functionality (blocks). If you want to try it out, the userland parts are available as devel/libdispatch, and you'll need 8-STABLE as of last November, or any more recent 8.x or 9.x. Options for enabling GCD support in ports that are capable of it will no doubt appear over time. Port maintainers will almost certainly be glad to receive patches to do that. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwd/0UACgkQ8Mjk52CukIwTWQCdE2Ja87bIPD2+fTflVCp2jdDl 0tAAn3AT/XunsUlvF2hODe+3j/QwOXqU =pDT6 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
thunderbird replacement
I currently am using mail/thunderbird as my mail reader and it is just doing the job very well (even with heavy use of filters) I use xfce4 on 8.1-PRERELEASE (updated and portmaster -Rafd'ed about 3 weeks ago) I am looking for a good replacement suggestions here are the minimal features I need: * Gmail support * Filtering (either internal or via external tool) * Multiple accounts (2) * Ability to send via local sendmail (my ISP blocks incoming port 25 thats why I am using gmail) * Handle over 1000 messages a day * (optional) Plain text archives (unlike how Thunderbird does it) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: freebsd internal
On Sun, Jun 20, 2010 at 3:43 AM, cisco Baz cisco_...@yahoo.com wrote: to whom it may concernim going to make a freebsd such that it can act as a web url filtering gateway but i dont want use tools such as dansguardian or squidguard or ... tools that use proxy to implement url web filtering , also dont want to use firewall package in freebsd such as pf , i want to write a program such as pf but such that can filter based on layer 7 information but independent of other package even if needed change kernel , ... Please explain _why_ you don't want to use a proxy, and _why_ you won't/can't use packet filtering? HTTP __is in fact layer 7__, so why the need to write your own proxy? I mean, writing a layer 7 URL filtering is in a fact a proxy like Squid, so why do you want/need to craft you own proxy? Perhaps, you don't want your users to know that you are filtering them. or you don't want to set-up the proxy in each browser? That is called an intercepting proxy and filters all traffic on the gateway, and you would still use a combination of pf and squid. If you don't want to use squidguard, or dansguardian because of the messages they sent to the user, you can customize that to say or redirect to another form of not authorized page. Please explain the _why_ in your original post and perhaps it would be easier to help you so can you please help me a little ? best regards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: thunderbird replacement
On Sunday 20 June 2010 13:28:44 Aryeh Friedman wrote: I currently am using mail/thunderbird as my mail reader and it is just doing the job very well (even with heavy use of filters) I use xfce4 on 8.1-PRERELEASE (updated and portmaster -Rafd'ed about 3 weeks ago) I am looking for a good replacement suggestions here are the minimal features I need: * Gmail support * Filtering (either internal or via external tool) * Multiple accounts (2) * Ability to send via local sendmail (my ISP blocks incoming port 25 thats why I am using gmail) * Handle over 1000 messages a day * (optional) Plain text archives (unlike how Thunderbird does it) I'd recommend Claws Mail as a replacement for Thunderbird - I've found it easier to use than Thunderbird 3 and it seems to understand more about mailing lists than Thunderbird, which is nice. There's also a win32 port available, so you even have a decent mail client on Windows too. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Floppies on VMware workstation FreeBSD guest
On Sunday 20 June 2010 05:19:30 Francisco Reyes wrote: Any has had any success with getting floppies to work on VMware desktop 7 on a FreeBSD guest? Did the following to prepare the floppy #Create empty floppy image dd if=/dev/zero bs=1k count=1440 of=/data/tmp/boot.flp #create md0 and point it to floppy mdconfig -a -t vnode -f /data/tmp/boot.flp -u 0 In case you don't know, you can achieve the same thing using some simpler commands: truncate -s 1440k /data/tmp/boot.flp mdconfig -a -f /data/tmp/boot.flp -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: thunderbird replacement
On Sun, 20 Jun 2010 14:41:48 +0100, Bruce Cran br...@cran.org.uk wrote: On Sunday 20 June 2010 13:28:44 Aryeh Friedman wrote: I currently am using mail/thunderbird as my mail reader and it is just doing the job very well (even with heavy use of filters) I use xfce4 on 8.1-PRERELEASE (updated and portmaster -Rafd'ed about 3 weeks ago) I am looking for a good replacement suggestions here are the minimal features I need: * Gmail support * Filtering (either internal or via external tool) * Multiple accounts (2) * Ability to send via local sendmail (my ISP blocks incoming port 25 thats why I am using gmail) * Handle over 1000 messages a day * (optional) Plain text archives (unlike how Thunderbird does it) I'd recommend Claws Mail as a replacement for Thunderbird - I've found it easier to use than Thunderbird 3 and it seems to understand more about mailing lists than Thunderbird, which is nice. I would also suggest this solution, allthough I'm using Sylpheed (the predecessor of Claws). You can use either POP/SMTP or totally local transport (e. g. sendmail), and you can use mixed forms. Multiple accounts are no problem. Filterin is no problem. Messages are stored in the MH format (one file per message, one directory per box / folder). The program uses Gtk 2. It's also very fast - allthough the Gtk 1 version was faster, but... :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: thunderbird replacement
On Sun, 20 Jun 2010 08:28:44 -0400 Aryeh Friedman aryeh.fried...@gmail.com wrote: I currently am using mail/thunderbird as my mail reader and it is just doing the job very well (even with heavy use of filters) I use xfce4 on 8.1-PRERELEASE (updated and portmaster -Rafd'ed about 3 weeks ago) I am looking for a good replacement suggestions here are the minimal features I need: +1 on claws-mail * Gmail support * Filtering (either internal or via external tool) * Multiple accounts (2) * Ability to send via local sendmail (my ISP blocks incoming port 25 thats why I am using gmail) What does your ISP blocking incoming port 25 have to do with your wanting to use local sendmail? * Handle over 1000 messages a day * (optional) Plain text archives (unlike how Thunderbird does it) You might also consider using a local imap server, so that your local mail store is completely independent of the client ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
locale problems with STL (C++)
Hello, I'm new user of FreeBSD, using it as a desktop since a week. I develop an small ncurses tool for manage todo lists[0]. Up to now I just used on GNU/Linux systems. I'm trying to compile it on FreeBSD, my original Makefiles seems to be too linux-like. I manage to compile it[1], but I have some problems with STL. I read that there is a bug on libstdc++ and the locale[2] and gives a segfault, it seems to be still there. I try to compile it with stlport, it compiles without problems and runs without segfault. But don't works with wide characters. I'm using locale to read files encoded on the local charset, like: wifstream file; file.imbue(locale()); file.open(path); ... This code reads wrongly the wide characters. My system locale is: [mes...@blackspot:~]$ echo $LANG es_ES.UTF-8 Am I missing something? I still don't understand well how locale works on C++, it worked well on GNU/Linux. Any suggestion? Thank you. [0] http://cauterized.net/~meskio/tudu/ [1] I have a branch 'freebsd' on the git repository that compiles on freebsd, needs devel/stlport: http://gitorious.org/tudu/tudu [2] http://gcc.gnu.org/ml/libstdc++/2005-04/msg00021.html -- Rubén Pollán | jabber:mes...@jabber.org -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Veo a un Mickey Mouse envejecido con pasamontañas tirando piedras a una oficina de disney al grito, Fui vuestro esclavo desde 1928 y he conquistado para vosotros millones de corazones y ganado billones de dólares, ¡AHORA DEJADME SER LIBRE! pgpMEaXDcFzkl.pgp Description: PGP signature
Updating ports - KDE3.5 and phonon
I'm about to upgrade my ports, since it's over 3 months since the last upgrade I'm expecting this to be a mega upgrade. In preparation for this I've run portmaster -na to get all the configs up to date and avoid the need for frequent manual intervention when I run the upgrade. This highlighted a potential problem with multimedia/qt4-phonon === Port directory: /usr/ports/multimedia/qt4-phonon === This port is marked IGNORE === conflicts with multimedia/phonon. You have defined WITH_KDE_PHONON to override Qt4 phonon === If you are sure you can build it, remove the IGNORE line in the Makefile and try again. === Update for qt4-phonon-4.6.1 failed === Aborting update Well WITH_KDE_PHONON might have been defined somewhere, but not by me! Checking with UPDATING shows: WITH_QT_PHONON global knob has been introduced to allow selection between multimedia/qt4-phonon* ports (a bit outdated Phonon, which is shipped with Qt4) and multimedia/phonon* ports. Since KDE SC 4.4 requires fresh Phonon, multimedia/phonon* ports are installed by default. If you don't use KDE, you may set WITH_QT_PHONON=yes in /etc/make.conf and continue to use Qt4 Phonon implementation ports. If you want to use KDE SC 4.4 (or if you want the latest Phonon), do not define WITH_QT_PHONON, delete multimedia/qt4-phonon* ports, and install multimedia/phonon*: If you use portmaster: portmaster -o multimedia/phonon multimedia/qt4-phonon portmaster -o multimedia/phonon-gstreamer multimedia/qt4-phonon-gst I'm using KDE but it's version 3.5 which isn't mentioned above so am I right in assuming that in my case I put WITH_QT_PHONON=yes in /etc/make.conf because I'm not using KDE 4.4, even though I'm using KDE? -- Mike Clarke ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
/libexec/ld-elf.so.1: Shared boject libpng.so.5 not found
Whenever I try running an application that relies on GTK+ or QT, I get that error message. How should I fix this? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: /libexec/ld-elf.so.1: Shared boject libpng.so.5 not found
In the last episode (Jun 20), Caleb Stein said: Whenever I try running an application that relies on GTK+ or QT, I get that error message. How should I fix this? You must have upgraded your libpng port, and either the application or one of the shared libraries it uses hasn't been rebuilt since then. libpng.so.6 is the current version. Run ldd -a myapplication, and rebuild anything that claims to depend on libpng.so.5. One way to minimize damage like this is to use either portupgrade or portmaster to do updates for you. Those programs can back up old versions of shared libraries to /usr/local/lib/compat/pkg, so you won't get errors like that. Portupgrade will make a backup automatically, and so will portmaster if you add -w to the commandline. -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: /libexec/ld-elf.so.1: Shared boject libpng.so.5 not found
On Monday 21 June 2010 00:57:17 Caleb Stein wrote: Whenever I try running an application that relies on GTK+ or QT, I get that error message. How should I fix this? You must have upgraded libpng at some point and didn't notice or follow the instructions in /usr/ports/UPDATING which tells you to rebuild all affected ports. It's easy to forget, but then you find random applications start breaking. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
OT
happy father's day to every dad stateside. same wishes to all dads of course. my view is that both mother's and father's day should be held internationally. it well may be for all i know. AFAIC, fatherhood is the kind of trip that beats even programming in C. on the best OS on earth. 'sall, folks -- Gary Kline kl...@thought.org http://www.thought.org Public Service Unix The 7.83a release of Jottings: http://jottings.thought.org/index.php http://journey.thought.org 99 44/100% Guaranteed Novel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: OT
On Sun, Jun 20, 2010 at 9:29 PM, Gary Kline kl...@thought.org wrote: happy father's day to every dad stateside. same wishes to all dads of course. my view is that both mother's and father's day should be held internationally. it well may be for all i know. AFAIC, fatherhood is the kind of trip that beats even programming in C. on the best OS on earth. My sentiments exactly. Happy Father's Day to All the Dads! Thanks Gary :) -Brandon, Ava's Dad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Ssh attack appears to be hanging ssh
I am running 8.1 BETA. My server started getting hammered with brute force ssh login attacks recently. One thing I have noticed is that I see lots of these: Jun 18 23:26:47 www3 sshd[33171]: error: ssh_msg_send: write Jun 18 23:26:47 www3 sshd[33169]: error: ssh_msg_send: write Jun 18 23:26:47 www3 sshd[33172]: error: ssh_msg_send: write Jun 18 23:26:47 www3 sshd[33176]: error: ssh_msg_send: write Jun 18 23:26:47 www3 sshd[33175]: error: ssh_msg_send: write Jun 18 23:26:47 www3 sshd[33170]: error: ssh_msg_send: write Jun 18 23:26:47 www3 sshd[33174]: error: ssh_msg_send: write Jun 18 23:28:30 www3 sshd[33254]: error: ssh_msg_send: write Jun 18 23:28:30 www3 sshd[33255]: error: ssh_msg_send: write in my logs, which roughly correlates to when the problems start. I have sshguard running, so I am thinking that the above messages are happening because ipf has cut off communication with the host. Anyhow, at some point, and for some reason, ssshd stops processing new requests. The sshed process continues to run, but simply does not work. From a the side of a system trying to log in, I see this (logging set to DEBUG in sshd_config: ssh -v u...@www3.stelesys.com OpenSSH_5.2p1 FreeBSD-20090522, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to www3.stelesys.com [69.61.23.66] port 22. debug1: Connection established. debug1: identity file /home/user/.ssh/identity type -1 debug1: identity file /home/user/.ssh/id_rsa type -1 debug1: identity file /home/user/.ssh/id_dsa type -1 ssh_exchange_identification: Connection closed by remote host On the server side, I see this in the debug logs: Jun 20 22:43:11 www3 sshd[76171]: debug1: fd 5 clearing O_NONBLOCK Jun 20 22:43:11 www3 sshd[76171]: debug1: drop connection #10 I happened to catch one in the act... This log snipped starts with sshd being started, is attacked by one host and ends with the sshd server locking up: Jun 20 21:44:18 www3 sshd[76171]: debug1: Bind to port 22 on ::. Jun 20 21:44:18 www3 sshd[76171]: debug1: Bind to port 22 on 0.0.0.0. Jun 20 21:44:53 www3 sshd[76171]: debug1: fd 5 clearing O_NONBLOCK Jun 20 21:44:53 www3 sshd[76171]: debug1: Forked child 76179. Jun 20 21:44:53 www3 sshd[76179]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8 Jun 20 21:44:53 www3 sshd[76179]: debug1: inetd sockets after dupping: 3, 3 Jun 20 21:44:53 www3 sshd[76179]: debug1: res_init() Jun 20 21:44:53 www3 sshd[76171]: debug1: fd 5 clearing O_NONBLOCK Jun 20 21:44:53 www3 sshd[76171]: debug1: Forked child 76180. Jun 20 21:44:53 www3 sshd[76180]: debug1: rexec start in 5 out 5 newsock 5 pipe 8 sock 9 Jun 20 21:44:53 www3 sshd[76180]: debug1: inetd sockets after dupping: 3, 3 Jun 20 21:44:53 www3 sshd[76180]: debug1: res_init() Jun 20 21:44:53 www3 sshd[76171]: debug1: fd 5 clearing O_NONBLOCK Jun 20 21:44:53 www3 sshd[76171]: debug1: Forked child 76181. Jun 20 21:44:53 www3 sshd[76181]: debug1: rexec start in 5 out 5 newsock 5 pipe 9 sock 10 Jun 20 21:44:53 www3 sshd[76181]: debug1: inetd sockets after dupping: 3, 3 Jun 20 21:44:53 www3 sshd[76181]: debug1: res_init() Jun 20 21:44:53 www3 sshd[76171]: debug1: fd 5 clearing O_NONBLOCK Jun 20 21:44:53 www3 sshd[76171]: debug1: Forked child 76182. Jun 20 21:44:53 www3 sshd[76182]: debug1: rexec start in 5 out 5 newsock 5 pipe 10 sock 11 Jun 20 21:44:53 www3 sshd[76182]: debug1: inetd sockets after dupping: 3, 3 Jun 20 21:44:53 www3 sshd[76182]: debug1: res_init() Jun 20 21:44:53 www3 sshd[76171]: debug1: fd 5 clearing O_NONBLOCK Jun 20 21:44:53 www3 sshd[76171]: debug1: Forked child 76183. Jun 20 21:44:53 www3 sshd[76183]: debug1: rexec start in 5 out 5 newsock 5 pipe 11 sock 12 Jun 20 21:44:53 www3 sshd[76183]: debug1: inetd sockets after dupping: 3, 3 Jun 20 21:44:53 www3 sshd[76183]: debug1: res_init() Jun 20 21:44:53 www3 sshd[76171]: debug1: fd 5 clearing O_NONBLOCK Jun 20 21:44:53 www3 sshd[76171]: debug1: Forked child 76184. Jun 20 21:44:53 www3 sshd[76184]: debug1: rexec start in 5 out 5 newsock 5 pipe 12 sock 13 Jun 20 21:44:53 www3 sshd[76184]: debug1: inetd sockets after dupping: 3, 3 Jun 20 21:44:53 www3 sshd[76184]: debug1: res_init() Jun 20 21:44:53 www3 sshd[76171]: debug1: fd 5 clearing O_NONBLOCK Jun 20 21:44:53 www3 sshd[76171]: debug1: Forked child 76185. Jun 20 21:44:53 www3 sshd[76185]: debug1: rexec start in 5 out 5 newsock 5 pipe 13 sock 14 Jun 20 21:44:53 www3 sshd[76171]: debug1: fd 5 clearing O_NONBLOCK Jun 20 21:44:53 www3 sshd[76171]: debug1: Forked child 76186. Jun 20 21:44:53 www3 sshd[76186]: debug1: rexec start in 5 out 5 newsock 5 pipe 14 sock 15 Jun 20 21:44:53 www3 sshd[76185]: debug1: inetd sockets after dupping: 3, 3 Jun 20 21:44:53 www3 sshd[76185]: debug1: res_init() Jun 20 21:44:53 www3 sshd[76186]: debug1: inetd sockets after dupping: 3, 3 Jun 20 21:44:53 www3 sshd[76186]: debug1: res_init() Jun 20 21:44:53 www3 sshd[76171]: debug1: fd 5 clearing O_NONBLOCK Jun 20 21:44:53 www3 sshd[76171]:
Re: OT
Hi, my view is that both mother's and father's day should be held internationally. it well may be for all i know. Here in Thailand, father's day is on the King birthday, Dec 5th. Now how I see of father's day in France, it is a commercial thing only. Like one would need a special day to love his dad: send them wished on father's day and then let them die from heat exhaustion like it happened 2 or 3 years ago. AFAIC, fatherhood is the kind of trip that beats even programming in C. on the best OS on earth. Agreed, but would you accept to program only one day a year? :) Father's day must be everyday and save us this special day spam :) Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Online gaming and file downloads - latency hell!
In freebsd-questions Digest, Vol 315, Issue 11, Message: 9 On Fri, 18 Jun 2010 12:11:48 +0200 Morgan Wesstr?m freebsd-questi...@pp.dyndns.biz wrote: On 2010-06-16 02:51, Modulok wrote: Yo, I have a FreeBSD box acting as a router between me and the Internet. Whenever someone on the local network downloads something, the other connections have a really high latency. A second or more. For people who like to download large files and play online games, it's not good. I tried traffic shaping with PF, which works - almost: I tried the home example in the PF book, but it doesn't work out so well. I can throttle users with no trouble, but even so that doesn't seem to help the latency issue unless I choke the 'big file download' users almost completely off. It's like nothing helps. I tried a priority based queue where all traffic on the gaming ports was placed in front of all other traffic, and while I saw a very mild improvement, latency was still really pitiful. Is there anything else I can do? Anyone have a similar setup and wish to share config files? Are there some sysctl's that would help this out or something. I'm almost ready to just buy a 'gaming' *gag* router which implements their own brand of QoS, but don't want to sink to that level if I don't have to. Help! -Modulok- Traffic shaping on your side when downloading unfortunately doesn't help you. The data has already been transferred across your cable or DSL connection by then and reordering any packets on your side will not change the latency. Traffic shaping your download has to be performed at your upstream router which you probably don't control. PF can help you traffic shape your outgoing traffic. I have used it for this for the past 6 years to help me maintain a low and stable ping while I play online, even if I upload simultaneously. I've read about people trying to throttle outgoing ACKs to slow down their download but that still wouldn't rearrange any incoming data packets so I don't see how that would help. I haven't tried it myself though but neither have I read about anyone successfully accomplishing this. Regards Morgan A short story: About 15 months ago, before becoming aware that Luigi and colleagues had been busy porting ipfw and dummynet to Linux, I was asked to implement a shaping solution for a very limited (512/512kbps) ADSL connection for a community radio station using a Linux firewall-in-a-box called IPCop as router, whose shaping was based on Bert Hubert's WonderShaper script, using Linux' tc module to prioritise and shape only outbound traffic. Having used ipfw+dummynet successfully for some years to shape traffic for a local voluntary organisation 'Community Technology Centre', I was staggered to find that all of the collective Linux wisdom on the subject chanted that same mantra .. that you can't prioritise download traffic, as the ISP will have 'gigantic queues' of TCP traffic that you can't control, and that prioritising ACKs, QoS and ICMP traffic and such is the best you can do. By this philosophy, tc only implements limiting total bandwidth of inbound traffic, shaping outbound by QoS and classes. To disprove this pervasive myth I had to implement inbound shaping by using tc to control the _outbound_ traffic to the _inside_ interface, where all sorts of random clients are doing big downloads, yootoobing and such plus some big uploads, while guaranteeing that the station's outbound audio stream had fully half the outbound-to-net bandwidth free without undue pressure and that remote ssh sessions etc remained snappy. This involves queuing inbound (mostly TCP) traffic on the local router, dropping any excess, which works most effectively to maintain a hard limit to downloads (at around 85% of 512kbps) while keeping the outbound (to-net) channel lightly loaded after streaming, ACKs, and uploads. I don't know how pf works (or can be made to work) in this regard, nor can I speculate about gaming latency particularly, but hope to find out soon by either replacing the old IPCop box with pfSense, or trying ipfw and dummynet on Linux .. I know, but they're still reluctant to shop other than Linux, and the idea of implementing a FreeBSD-derived firewall and shaping solution on Linux has a good deal of appeal .. HTH (or at least, doesn't hurt :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org