2
2
When I connect to my server (RasPI 2 with Raspbian) remotely, I want my interactive SSH sessions to always have priority over any running SFTP sessions. Also, SFTP sessions should have less priority than e.g. SMB traffic in the local network.
The server is behind a dd-wrt router, in turns connected to a cable modem with 5Mbps uplink bandwidth.
I understand I should use iptables
to mark the outgoing packets to different classes and tc
to put them in different classes. But how can I tell iptables to discern SSH packets from SFTP packets and mark them differently? In the scenario above they come from the same port, the process name is the same (sshd
), the user is the same and also the destination IP address.
The sshd daemon is using its internal SFTP server to use the ChrootDirectory
feature.