On Nov 12, 2007 9:08 PM, Alupului Costin [EMAIL PROTECTED] wrote:
Hello all,
I seem to have quite a problem with PF. I have set up a bridge to
shape my upstream traffic. I use ALTQ with hfsc discipline; but that's
not really important. My problem comes with the filter rules. I have
to use
On 23:42:20 Nov 12, Erik Osterholm wrote:
My understanding (and please correct me if I'm wrong) is that
keeping state requires fragmented packet reassembly, which can break
some applications.
You mean that you cannot support broken applications if you do
reassembly?
Packet reassembly
On Nov 13, 2007 4:20 AM, Girish Venkatachalam
[EMAIL PROTECTED] wrote:
On 22:08:03 Nov 12, Alupului Costin wrote:
I seem to have quite a problem with PF. I have set up a bridge to
shape my upstream traffic. I use ALTQ with hfsc discipline; but that's
not really important. My problem comes
On 18:57:34 Nov 13, Girish Venkatachalam wrote:
I just read the post you linked. Thanks. :)
I read the post once again and it looks as though I understood what is
mentioned there.
The 'no-df' in scrub rule clears the Don't fragment bit in the IP
header. When a host wrongly sends fragmented
On Nov 13, 2007 2:30 PM, J65nko [EMAIL PROTECTED] wrote:
On Nov 12, 2007 9:08 PM, Alupului Costin [EMAIL PROTECTED] wrote:
Hello all,
I seem to have quite a problem with PF. I have set up a bridge to
shape my upstream traffic. I use ALTQ with hfsc discipline; but that's
not really
On 15:53:38 Nov 13, Alupului Costin wrote:
When that client tries logging in to Yahoo Messenger I can see an
increase in the number of state-mismatch reported by pfctl -si. There
are states established, but after a while the packets simply do not
match the states created. Also they will not
On Tue, Nov 13, 2007 at 07:25:23PM +0530, Girish Venkatachalam wrote:
On 18:57:34 Nov 13, Girish Venkatachalam wrote:
I just read the post you linked. Thanks. :)
I read the post once again and it looks as though I understood what is
mentioned there.
The 'no-df' in scrub rule clears the
On Tue, Nov 13, 2007 at 03:53:38PM +0200, Alupului Costin wrote:
On Nov 13, 2007 4:20 AM, Girish Venkatachalam
[EMAIL PROTECTED] wrote:
On 22:08:03 Nov 12, Alupului Costin wrote:
pass in quick on vlan0 from any to anIP/32
pass out quick on vlan0 from anIP/32 to any keep state queue
On 22:08:03 Nov 12, Alupului Costin wrote:
I seem to have quite a problem with PF. I have set up a bridge to
shape my upstream traffic. I use ALTQ with hfsc discipline; but that's
not really important. My problem comes with the filter rules. I have
to use keep state because of the speed
On Tue, Nov 13, 2007 at 07:50:53AM +0530, Girish Venkatachalam wrote:
On 22:08:03 Nov 12, Alupului Costin wrote:
I seem to have quite a problem with PF. I have set up a bridge to
shape my upstream traffic. I use ALTQ with hfsc discipline; but that's
not really important. My problem comes
10 matches
Mail list logo
