* Reyk Floeter <[email protected]> [2010-06-02 11:16]: > > also, due to pfsync changes, the failover isn't perfect (pfsync is out > > of the equation), so you'll lose your sessions. given how often I lose > > perfectly valid tcp sessions that just idle a bit when I am at foreign > > networks (conferences, especially at universities, hotels, ...) users > > must be used to that :) > well, hmmm, depends on the users and the networks. i think pf is used > in other places than just in playgrounds, conferences, and hotels ;(
apparently that wasn't clear. these places use some other crap for firewall/NAT, not OpenBSD. The idea that someone installing those networks could have remotely enough of a clue to find tcp.established and change it to, what, 300 seconds... no. impossible. wait. clue and changing tcp.established to something small in one person cannot exist. q. e. d. -- Henning Brauer, [email protected], [email protected] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
