j knight wrote:
--- Quoting Serban Giuroiu on 2005/06/12 at 14:59 -0700:
scrub random-id
scrub fragment reassemble
scrub reassemble tcp
scrub out on $ppp max-mss 1440
These scrub rules aren't doing what you think they're doing. "scrub" is
a rule, not an option such as the "set" parameters. The first matching
scrub rule wins. pfctl -vvsr and see just which rules are having an
effect.
.joel
This happens when I do not fully RTFM
/me cries 2 hours of life trying to make that work :'(
/quote:
The scrub directive syntax is very similar to the filtering syntax which
makes it easy to selectively scrub certain packets and not others. The
no keyword can be used in front of scrub to specify packets that will
not be scrubbed. __Just as with nat rules, the first matching rule wins.__
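
The first-match behaviour described above, as an added example that is not part of the original post or of pf itself: a Python sketch that evaluates the four quoted rules and reports which of them can never be reached. It is a simplified model that compares only direction and interface (addresses, protocols and "no scrub" are ignored), and the MERGED rule set is an assumed consolidation of the poster's intent, not something from the thread.

```python
import re

# Constructed input: the four rules quoted in the post, in order.
POSTED = [
    "scrub random-id",
    "scrub fragment reassemble",
    "scrub reassemble tcp",
    "scrub out on $ppp max-mss 1440",
]
# Assumed intent (not from the post): all options for traffic leaving $ppp,
# fragment reassembly for everything else. The specific rule goes first.
MERGED = [
    "scrub out on $ppp random-id max-mss 1440 fragment reassemble reassemble tcp",
    "scrub fragment reassemble",
]

RULE = re.compile(r"scrub(?:\s+(in|out)\b)?(?:\s+on\s+(\S+))?(?:\s+all\b)?\s*(.*)$")

def parse(line):
    """Split a scrub rule into (direction, interface, options); None = any."""
    m = RULE.match(line.strip())
    if not m:
        raise ValueError(f"not a scrub rule: {line!r}")
    return m.group(1), m.group(2), m.group(3).strip()

def covers(general, specific):
    """True if every packet matching `specific` also matches `general`."""
    return all(g is None or g == s for g, s in zip(general[:2], specific[:2]))

def winner(rules, direction, iface):
    """Return the first rule matching the packet: the only one applied."""
    for line in rules:
        if covers(parse(line), (direction, iface)):
            return line
    return None

def shadowed(rules):
    """List (rule, earlier_rule) pairs where rule can never be reached."""
    out = []
    for i, line in enumerate(rules):
        for earlier in rules[:i]:
            if covers(parse(earlier), parse(line)):
                out.append((line, earlier))
                break
    return out

if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("merged", MERGED)):
        print(name, "->", winner(rules, "out", "$ppp"))
        for line, earlier in shadowed(rules):
            print(f"  unreachable: {line!r} (shadowed by {earlier!r})")
```

On a live system the check that matters is still the one suggested in the reply: load the ruleset and read the per-rule counters from pfctl -vvsr.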