On my Linux box, I can force all fragments to be re-assembled into whole packets before being presented to the firewall, and that's what I've done. However, as near as I can tell, FreeBSD (5.2.1-RELEASE) doesn't have that feature.
So what do I do with fragments? They are a valid part of a tcp conversation, so dropping them isn't good, but neither is just accepting them willy-nilly, either.
Suggestions, please, and TIA.
-ste
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
