On 2022-02-07, J Doe <[email protected]> wrote: > My question is - is it unnecessary to include "reassemble tcp" in the > scrub rule if "set reassemble yes" has already been set ? I know the > FAQ example also doesn't explicitly state "set reassemble yes", but man > notes that that is the default setting. > Stated another way - is there ever a case where I would put "set > reassemble yes" and "match in all scrub (... reassemble tcp)" ?
If you want to do the "reassemble tcp" things then you would need to use it in your ruleset, they are different to the IP packet reassembly controlled by "set reassemble". It's a bit unfortunate that they use the same word in the option name. -- Please keep replies on the mailing list.
