Date: Tue, 15 Feb 2005 22:36:21 +0100 From: dick hoogendijk <dick@nagual.st> To: freebsd-questions@freebsd.org Subject: ipfilter "flags s keep state" question Message-ID: <20050215223621.4f7790d8.dick@nagual.st>
next in thread | raw e-mail | index | archive | help
I read a lot of rulesets for ipfilter just to study how others do the job. I've read the ipf HOWTO too. One thing is still very unclear to me though. Most rules for tcp have something like "flags S keep state" but *some* have "flags S keep state keep frags" Can someone explain to me *when* to use keep frags and when not to? The HOWTO is very unclear about this. What exactly is the use of this extra 'keep frags'? -- dick -- http://nagual.st/ -- PGP/GnuPG key: F86289CE ++ Running FreeBSD 4.11 ++ FreeBSD 5.3 + Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050215223621.4f7790d8.dick>