Date: Thu, 1 Dec 2005 02:40:53 +0100 From: J65nko BSD <j65nko@gmail.com> To: Aaron Martinez <ml@proficuous.com>, FreeBSD-questions@freebsd.org Subject: Re: pf blocking nfs Message-ID: <19861fba0511301740j709ddf34me572b29474b87f6f@mail.gmail.com> In-Reply-To: <20051201005348.GB15959@slackbox.xs4all.nl> References: <60336.192.168.3.69.1133319528.squirrel@webmail.proficuous.com> <20051130170210.GB1587@slackbox.xs4all.nl> <200511301742.31258.ml@proficuous.com> <20051201005348.GB15959@slackbox.xs4all.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
[snip] > In your original post, there was something about a short packet. I'm > guessing this might screw things up. You might try adding 'scrub in all' > before the filtering rules. > [smip] Be careful with scrub and NFS. From http://openbsd.bay13.net/faq/pf/scrub.h= tml "One reason not to scrub on an interface is if one is passing NFS through PF. Some non-OpenBSD platforms send (and expect) strange packets -- fragmented packets with the "do not fragment" bit set, which are (properly) rejected by scrub."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19861fba0511301740j709ddf34me572b29474b87f6f>