Илья Шипицин <chipitsine <at> gmail.com> writes: > I'm investigating whether it is possible to block certain UDP signatures ? > Maybe, I'd like not to block them, but lower priority using ALTQ, > > for instance, this kind of traffic: > > http://www.wireshark.org/docs/dfref/b/bt-utp.html > > traffic signatures are known.
Long time ago I have had success with "sort out known-needed-for-work traffic and put the rest into low priority queue" policy. Signatures can change over time, regular users inside a network will be asking power users to setup proxies and so on. At some point, I ended up with a configuration where "the rest" was a torrents/skype. Much easier to maintain. skype people hating torrent people was "not my problem, teach torrent people about respect and usage of limit knobs".
