Date: Tue, 26 Nov 2013 01:31:43 +0100 From: Jan Bramkamp <crest@rlwinm.de> To: freebsd-hackers@freebsd.org Subject: Re: Do pfil(9) hooks receive TCP retransmissions? Message-ID: <5293EBEF.5040605@rlwinm.de> In-Reply-To: <20131125181232.GB6275@kiwi.coupleofllamas.com> References: <20131125181232.GB6275@kiwi.coupleofllamas.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 25.11.2013 19:12, R. Tyler Croy wrote: > > I'm looking at the pfil(9) interface to accomplish some packet inspection > tasks, but the man page leaves some ambiguity in this case. > > If the hooks are not invoked multiple times for retransmissions then I can > imagine it being relatively "simple" to implement a basic firewall with these > hooks without implementing loads of state tracking for packets. > > > I would appreciate any guidance the list can offer on using pfil(9) :) > Why do you want to reinvent the wheel? What requires you to start from scratch with pfil(9)?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5293EBEF.5040605>