Salut Vlad ([EMAIL PROTECTED]), ================================================================================ Acest e-mail e un raspuns la e-mailul "[rofug] PF scrubbing nu functioneaza?" primit Wednesday, May 17, 2006, 6:36:51 PM:
Vlad GALU> On 5/17/06, Dragos <[EMAIL PROTECTED]> wrote: Vlad GALU> [...] Vlad GALU> Vad ca TTL-ul ti-l mareste corect la 128. Uita-te cu pfctl -sr -v Vlad GALU> sa vezi cite matches ai pe fiecare regula de scrub. ================================================================================ scrub on rl0 all min-ttl 128 max-mss 1400 fragment reassemble [ Evaluations: 683742 Packets: 119337 Bytes: 0 States: 0 ] scrub on rl1 all min-ttl 128 max-mss 1400 fragment reassemble [ Evaluations: 564405 Packets: 45880 Bytes: 0 States: 0 ] scrub on rl2 all min-ttl 128 max-mss 1400 fragment reassemble [ Evaluations: 518525 Packets: 21941 Bytes: 0 States: 0 ] scrub on rl0 all no-df fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub on rl1 all no-df fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub on rl2 all no-df fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub on rl0 all fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub on rl1 all fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub on rl2 all fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub on rl0 all random-id fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub on rl1 all random-id fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub on rl2 all random-id fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub out on rl2 all random-id fragment reassemble [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] scrub on rl0 all reassemble tcp fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub on rl1 all reassemble tcp fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] scrub on rl2 all reassemble tcp fragment reassemble [ Evaluations: 496584 Packets: 0 Bytes: 0 States: 0 ] Intradevar, nu stiu de ce nu m-am gandit sa verific asa. Se pare ca pf-ul vrea sa aiba toate optiunile intr-o singura linie, ceea ce arata cam ciudat. pfctl -sr -v | grep -v pass|grep -v block scrub on rl0 all no-df random-id min-ttl 128 max-mss 1400 reassemble tcp fragment reassemble [ Evaluations: 91373 Packets: 41319 Bytes: 0 States: 0 ] scrub on rl1 all no-df random-id min-ttl 128 max-mss 1400 reassemble tcp fragment reassemble [ Evaluations: 50054 Packets: 19994 Bytes: 0 States: 0 ] scrub on rl2 all no-df random-id min-ttl 128 max-mss 1400 reassemble tcp fragment reassemble [ Evaluations: 30060 Packets: 16840 Bytes: 0 States: 0 ] Pare sa fie mai ok acum, cu toate ca datorita numarului mare de sesiuni imi e mai greu sa urmaresc id-ul. Sa fie oare asta cauza... Merci. Numai bine, Dragos ________________________________________________________ To unsubscribe send a mail to [EMAIL PROTECTED]
