On Thu, Jan 11, 2007 at 09:46:39PM -0600, Travis H. wrote:
> So, surprisingly, many OSes don't synchronize their TCP timestamp
> clock to their system clock, so effectively they leak the skew of
> that clock, even if they are synching their system clock via NTP.
>
> I am wondering what the current behavior is for OpenBSD, and if
> scrubbing or any other pf function (e.g. synproxy) does anything
> about it.
The first match searching for 'timestamp' in pf.conf(5) is in
TRAFFIC NORMALIZATION
reassemble tcp
timestamp modulation
reassemble tcp will cause scrub to modulate the TCP timestamps
with a random number.
which sounds like it might be vaguely relevant, have you tried that? ;)
Daniel
