Traffic Shaper: Classify unmatched ACK

MageMinds

A lot like unmatched traffic is sent to the qP2P, I would like to be able to classify TCP ACK Packets of uncategorized traffic. By default, after the wizard, the traffic that fall to the default queue also handle the unmatched ACK packets. I wish I could make these uncategorized ACK sent to qOthersDefault.

The problem is that BitTorrent software not always use the specified port, when you receive the connection it's okay, everything is correct, but when you create the connection the software use a high port and it's impossible to classify with regular rules. L7 is useless since encryption is enabled to prevent my ISP to shape my p2p too much.

I know that BitTorrent is now mostly UDP, but seedboxes still uses TCP and if you doesn't send ACK fast enough you do not get a fast download while you upload at top speed, because those ACK packets that I send to the seedbox get stuck or dropped in the qP2P along with all the packets that I am seeding myself, thus slowing down my download.

If I create a floating rule for ACK (out of, i think) will this trap every ACK packets flowing through the router, thus reducing High priority ACK traffic? Does pfSense use the queue priority to escalate the priority of the packets if it found an other rule later that match? Then should I set the priority to qOthersDefault in the Ackqueue or Queue?

Here is two rule that I'm not sure which one would work, if either one of them even work…
Notice the difference in the Queue selection... Also note that I don't want to send them to the qACK, because these ACK are not as important, since they generally come from P2P traffic.

Note: For those of you asking how I create those long screen shoot, there is a plugin for firefox called Screengrab.
![ACK Rule1.png](/public/imported_attachments/1/ACK Rule1.png)
![ACK Rule1.png_thumb](/public/imported_attachments/1/ACK Rule1.png_thumb)
![ACK Rule2.png](/public/imported_attachments/1/ACK Rule2.png)
![ACK Rule2.png_thumb](/public/imported_attachments/1/ACK Rule2.png_thumb)

eri--

The selection is a null one since by default the firewall is stateful.

But i think just add the qOthersDefault to the rule that sends traffic to p2p like you have done in the screenshot and it should be ok.

MageMinds

But i think just add the qOthersDefault to the rule that sends traffic to p2p like you have done in the screenshot and it should be ok.

Thanks for the reply …

After reading you reply I tried a different approach. I've looked into the Advanced property of my P2P software and I found that I can force it to use the same port as the listening port for outgoing connection. This will make my life easier.

Also if others is following this thread, you should probably tell your P2P software to ignore connection from/to clients that use port 80 and 1723, very popular port to defeat ISP QoS and also defeating your QoS; their traffic will get prioritized.

update: Finally found the uT doesn't use the setting I found ... I ended up creating a virtual IP on my interface on my uT machine and I have binded this IP address into Advanced settings of uT and then shaped this new ip address... And it works pretty good right now ...