Date: Fri, 18 May 2007 09:47:56 +1000 From: Mark Andrews <Mark_Andrews@isc.org> To: Hugo Koji Kobayashi <koji@registro.br> Cc: freebsd-net@freebsd.org, freebsd-stable@freebsd.org Subject: Re: udp fragmentation with pf/ipf Message-ID: <200705172347.l4HNlux8089701@drugs.dv.isc.org> In-Reply-To: Your message of "Thu, 17 May 2007 18:50:25 -0300." <20070517215025.GC37175@registro.br>
next in thread | previous in thread | raw e-mail | index | archive | help
This should be rejected as "keep frags" is meaningless here. pass out log quick on bge0 proto udp from xxx.xxx.xxx.113/32 to any port = 53 keep state keep frags You need pass in quick from any to any with frag keep frag -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200705172347.l4HNlux8089701>