Re: pf: reassemble tcp

2014-09-13 Thread Henning Brauer
* Sonic sonicsm...@gmail.com [2014-09-05 17:12]: On Fri, Sep 5, 2014 at 4:42 AM, Kapetanakis Giannis bil...@edu.physics.uoc.gr wrote: yeah, don't use reassemble tcp. it's not perfect. Isn't that default behavior? hell, no. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web

Re: pf: reassemble tcp

2014-09-13 Thread Henning Brauer
* Kapetanakis Giannis bil...@edu.physics.uoc.gr [2014-09-06 00:50]: I'm asking about reassemble tcp. According to some 2010's threads in misc@ it used to cause problems to some users. I'm wondering what's the status now. unchanged. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS

Re: pf: reassemble tcp

2014-09-13 Thread Kapetanakis Giannis
On 13/09/14 11:55, Henning Brauer wrote: * Kapetanakis Giannis bil...@edu.physics.uoc.gr [2014-09-06 00:50]: I'm asking about reassemble tcp. According to some 2010's threads in misc@ it used to cause problems to some users. I'm wondering what's the status now. unchanged. Thanks for the

Re: pf: reassemble tcp

2014-09-05 Thread Kapetanakis Giannis
I've found the following in the archives. Is the situation still the same with reassemble tcp? My only scrub rule (in firewall/router) is match in all scrub (no-df random-id reassemble tcp max-mss 1440) Should I be worried? Thanks G List: openbsd-misc Subject:Re: pf: reassemble

Re: pf: reassemble tcp

2014-09-05 Thread Sonic
On Fri, Sep 5, 2014 at 4:42 AM, Kapetanakis Giannis bil...@edu.physics.uoc.gr wrote: yeah, don't use reassemble tcp. it's not perfect. Isn't that default behavior? Is it recommended to disable this feature?

Re: pf: reassemble tcp

2014-09-05 Thread Kapetanakis Giannis
On 05/09/14 18:10, Sonic wrote: On Fri, Sep 5, 2014 at 4:42 AM, Kapetanakis Giannis bil...@edu.physics.uoc.gr wrote: yeah, don't use reassemble tcp. it's not perfect. Isn't that default behavior? Is it recommended to disable this feature? I'm not asking about set reassemble for fragmented

pf: reassemble tcp

2010-01-13 Thread nixlists
Hi. I have match in all scrub (tcp reassemble no-df random-id max-mss 1440) in my pf.conf (-current) Unless I remove 'tcp reassemble', one of the web sites (it's a Windows/IIS) site cannot communicate with me - it hangs loading a page. Any ideas?

Re: pf: reassemble tcp

2010-01-13 Thread Henning Brauer
* nixlists nixmli...@gmail.com [2010-01-13 22:56]: Hi. I have match in all scrub (tcp reassemble no-df random-id max-mss 1440) in my pf.conf (-current) Unless I remove 'tcp reassemble', one of the web sites (it's a Windows/IIS) site cannot communicate with me - it hangs loading a

Re: pf: reassemble tcp

2010-01-13 Thread Ted
On Thu, Jan 14, 2010 at 12:46 PM, Henning Brauer lists-open...@bsws.dewrote: I have match in all scrub (tcp reassemble no-df random-id max-mss 1440) in my pf.conf (-current) yeah, don't use reassemble tcp. it's not perfect. How about fragment reassemble? I'm using it on my

Re: pf: reassemble tcp

2010-01-13 Thread Henning Brauer
* Ted t...@pobox.com [2010-01-14 05:03]: On Thu, Jan 14, 2010 at 12:46 PM, Henning Brauer lists-open...@bsws.dewrote: I have match in all scrub (tcp reassemble no-df random-id max-mss 1440) in my pf.conf (-current) yeah, don't use reassemble tcp. it's not perfect.