Re: pf: reassemble tcp

2014-09-13 Thread Kapetanakis Giannis
On 13/09/14 11:55, Henning Brauer wrote: * Kapetanakis Giannis [2014-09-06 00:50]: I'm asking about "reassemble tcp". According to some 2010's threads in misc@ it used to cause problems to some users. I'm wondering what's the status now. unchanged. Thanks for the reply G

Re: pf: reassemble tcp

2014-09-13 Thread Henning Brauer
* Kapetanakis Giannis [2014-09-06 00:50]: > I'm asking about "reassemble tcp". > > According to some 2010's threads in misc@ it used to cause problems to some > users. > I'm wondering what's the status now. unchanged. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, h

Re: pf: reassemble tcp

2014-09-13 Thread Henning Brauer
* Sonic [2014-09-05 17:12]: > On Fri, Sep 5, 2014 at 4:42 AM, Kapetanakis Giannis > wrote: > > yeah, don't use reassemble tcp. it's not perfect. > Isn't that default behavior? hell, no. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP

Re: pf: reassemble tcp

2014-09-05 Thread Kapetanakis Giannis
On 05/09/14 18:10, Sonic wrote: On Fri, Sep 5, 2014 at 4:42 AM, Kapetanakis Giannis wrote: yeah, don't use reassemble tcp. it's not perfect. Isn't that default behavior? Is it recommended to disable this feature? I'm not asking about "set reassemble" for fragmented packets (which in on by

Re: pf: reassemble tcp

2014-09-05 Thread Sonic
On Fri, Sep 5, 2014 at 4:42 AM, Kapetanakis Giannis wrote: > yeah, don't use reassemble tcp. it's not perfect. Isn't that default behavior? Is it recommended to disable this feature?

Re: pf: reassemble tcp

2014-09-05 Thread Kapetanakis Giannis
I've found the following in the archives. Is the situation still the same with reassemble tcp? My only scrub rule (in firewall/router) is match in all scrub (no-df random-id reassemble tcp max-mss 1440) Should I be worried? Thanks G List: openbsd-misc Subject: Re: pf: reass

Re: pf: reassemble tcp

2010-01-13 Thread Henning Brauer
* Ted [2010-01-14 05:03]: > On Thu, Jan 14, 2010 at 12:46 PM, Henning Brauer wrote: > > > > > > I have > > > > > > match in all scrub (tcp reassemble no-df random-id max-mss 1440) > > > > > > in my pf.conf (-current) > > > > yeah, don't use reassemble tcp. it's not perfect. > > > > How about f

Re: pf: reassemble tcp

2010-01-13 Thread Ted
On Thu, Jan 14, 2010 at 12:46 PM, Henning Brauer wrote: > > > I have > > > > match in all scrub (tcp reassemble no-df random-id max-mss 1440) > > > > in my pf.conf (-current) > > yeah, don't use reassemble tcp. it's not perfect. > How about fragment reassemble? I'm using it on my OpenBSD 4.5 p

Re: pf: reassemble tcp

2010-01-13 Thread Henning Brauer
* nixlists [2010-01-13 22:56]: > Hi. > > I have > > match in all scrub (tcp reassemble no-df random-id max-mss 1440) > > in my pf.conf (-current) > > Unless I remove 'tcp reassemble', one of the web sites (it's a > Windows/IIS) site cannot communicate with me - it hangs loading a > page. >

pf: reassemble tcp

2010-01-13 Thread nixlists
Hi. I have match in all scrub (tcp reassemble no-df random-id max-mss 1440) in my pf.conf (-current) Unless I remove 'tcp reassemble', one of the web sites (it's a Windows/IIS) site cannot communicate with me - it hangs loading a page. Any ideas?