tcp rules can use 'keep frags' TCP packets allow fragmentation by intermediate routers that need re-assembly at the final destination
On Wed, 2005-02-16 at 08:36, dick hoogendijk wrote: > I read a lot of rulesets for ipfilter just to study how others do the > job. > I've read the ipf HOWTO too. One thing is still very unclear to me > though. > Most rules for tcp have something like "flags S keep state" but *some* > have "flags S keep state keep frags" > > Can someone explain to me *when* to use keep frags and when not to? The > HOWTO is very unclear about this. What exactly is the use of this extra > 'keep frags'? -- Murray Taylor Special Projects Engineer --------------------------------- Bytecraft Systems & Entertainment P: +61 3 8710 2555 F: +61 3 8710 2599 D: +61 3 9238 4275 M: +61 417 319 256 E: [EMAIL PROTECTED] or visit us on the web http://www.bytecraftsystems.com http://www.bytecraftentertainment.com --------------------------------------------------------------- The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. --------------------------------------------------------------- ***This Email has been scanned for Viruses by MailMarshal.*** _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
