On Tue, Nov 13, 2007 at 03:53:38PM +0200, Alupului Costin wrote:
> On Nov 13, 2007 4:20 AM, Girish Venkatachalam
> <[EMAIL PROTECTED]> wrote:
> > On 22:08:03 Nov 12, Alupului Costin wrote:
> > >
> > > pass in quick on vlan0 from any to anIP/32
> > > pass out quick on vlan0 from anIP/32 to any keep
On Tue, Nov 13, 2007 at 07:25:23PM +0530, Girish Venkatachalam wrote:
> On 18:57:34 Nov 13, Girish Venkatachalam wrote:
> > I just read the post you linked. Thanks. :)
>
> I read the post once again and it looks as though I understood what is
> mentioned there.
>
> The 'no-df' in scrub rule clear
On 15:53:38 Nov 13, Alupului Costin wrote:
> When that client tries logging in to Yahoo Messenger I can see an
> increase in the number of state-mismatch reported by pfctl -si. There
> are states established, but after a while the packets simply do not
> match the states created. Also they will n
On Nov 13, 2007 2:30 PM, J65nko <[EMAIL PROTECTED]> wrote:
>
> On Nov 12, 2007 9:08 PM, Alupului Costin <[EMAIL PROTECTED]> wrote:
> > Hello all,
> >
> > I seem to have quite a problem with PF. I have set up a bridge to
> > shape my upstream traffic. I use ALTQ with hfsc discipline; but that's
> >
On 18:57:34 Nov 13, Girish Venkatachalam wrote:
> I just read the post you linked. Thanks. :)
I read the post once again and it looks as though I understood what is
mentioned there.
The 'no-df' in scrub rule clears the Don't fragment bit in the IP
header. When a host wrongly sends fragmented pack
On Nov 13, 2007 4:20 AM, Girish Venkatachalam
<[EMAIL PROTECTED]> wrote:
> On 22:08:03 Nov 12, Alupului Costin wrote:
> > I seem to have quite a problem with PF. I have set up a bridge to
> > shape my upstream traffic. I use ALTQ with hfsc discipline; but that's
> > not really important. My problem
On 23:42:20 Nov 12, Erik Osterholm wrote:
> My understanding (and please correct me if I'm wrong) is that
> keeping state requires fragmented packet reassembly, which can break
> some applications.
You mean that you cannot support "broken applications" if you do
reassembly?
Packet reassembly h
On Nov 12, 2007 9:08 PM, Alupului Costin <[EMAIL PROTECTED]> wrote:
> Hello all,
>
> I seem to have quite a problem with PF. I have set up a bridge to
> shape my upstream traffic. I use ALTQ with hfsc discipline; but that's
> not really important. My problem comes with the filter rules. I have
> to
On Tue, Nov 13, 2007 at 07:50:53AM +0530, Girish Venkatachalam wrote:
> On 22:08:03 Nov 12, Alupului Costin wrote:
> > I seem to have quite a problem with PF. I have set up a bridge to
> > shape my upstream traffic. I use ALTQ with hfsc discipline; but that's
> > not really important. My problem co
On 22:08:03 Nov 12, Alupului Costin wrote:
> I seem to have quite a problem with PF. I have set up a bridge to
> shape my upstream traffic. I use ALTQ with hfsc discipline; but that's
> not really important. My problem comes with the filter rules. I have
> to use keep state because of the speed ben
10 matches
Mail list logo
