Date: Sat, 22 Apr 2006 09:19:10 -0400 From: Chuck Swiger <cswiger@mac.com> To: Andrew Wingorodov <mail@andr.ru> Cc: freebsd-questions@freebsd.org Subject: Re: how to forbid to process IP, which are fragmentation? Message-ID: <444A2D4E.1060004@mac.com> In-Reply-To: <200604221310.49569.mail@andr.ru> References: <200604221310.49569.mail@andr.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrew Wingorodov wrote: > how to forbid to process IP, which are fragmentation? ipfw add deny all from any to any frag ...but please be very sure that you are passing the ICMP message types used for path MTU discovery, or else your network may become a "notwork", at least as far as large packet sizes are concerned. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?444A2D4E.1060004>