Hi Mark,
I'm one of the people who managed to get in trouble due to this, and I
thought I'd just mention that the situations where it can occur can be
quite subtle, for example:
block all
pass in on $external proto tcp from $internet to $webserver port $http
pass out on $internal keep state
pass
On Fri, Jun 30, 2006 at 09:40:38PM -0700, Mark Voelker wrote:
I'm frequently hearing (not only in these threads) that pf is
thought to be buggy with regards to window scaling that and that
it can cause problems like those described in these threads.
Problems like this occur when people use
Daniel,
Thanks for a very lucid explanation! I had wondered if it might
be more of a user error situation (and thankfully I've only
discovered one such erroneously configured OpenBSD machine so
far!).
Mark
--- Daniel Hartmeier [EMAIL PROTECTED] wrote:
On Fri, Jun 30, 2006 at 09:40:38PM
Yeah, great explanation.
I'm adding this to my list of things that should be in the docs
list, hopefully I'll get a chance to submit some patches some day.
--
Resolve is what distinguishes a person who has failed from a failure.
Unix guru for sale or rent -
