hi there, reading about the recent apache timeout DoS (ha.ckers.org/) i had a look at the default pf timeouts. i have two questions.
where does the number for tcp.established 86400s come from? what is the rationale behind a 24h timeout for established tcp connections? just curious, i have no idea what a better number could be if there is one.

and this fella tcp.tsdiff 30s, i can't find anything about this in pf.conf(5).

-f
--
opinions are like assholes --- everybody has one.