Date: Wed, 28 Jun 1995 07:59:15 -0500
From: rkw@dataplex.net (Richard Wackerbarth)
To: lists@tar.com (Richard Seaman, Jr)
Cc: hackers@freebsd.org
Subject: Re: ipfw code
Message-ID: <v02120d02ac17015df32c@[199.183.109.242]>
>On Tue, 27 Jun 1995 19:13:54 +0200 (MET DST) you wrote:
>
>>Currently, the ip_fw code has an option to block on packets with the
>>SYN flag set. I think this is useless as it basically blocks all tcp
>>traffic.
>

The ability to recognize certain packets also relates to the option to log their occurrence. If you wish to log TCP connections, then you need to recognize the connection as distinct from the continuing traffic.

Another reason to distinguish the packets is filtering efficiency. The bulk of the packets are a continuation of an existing connection. If you allow the already established connections to continue, the average number of tests per packet can be greatly reduced.

----
Richard Wackerbarth
rkw@dataplex.net
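
The efficiency and logging points in the message above, as an added example that is not part of the original e-mail or of the ip_fw code: a constructed first-match rule list is run over constructed traffic with a flag-based "established" rule placed last and then first, counting rule tests per packet and logging only connection-opening segments. The rule tuples, port numbers and packet dictionaries are assumptions made for illustration.

```python
# Added example: constructed first-match filter model, not the ip_fw code.
SYN, RST, ACK = 0x02, 0x04, 0x10

def is_setup(pkt):
    """Connection-opening segment: SYN set, ACK clear."""
    return pkt["flags"] & (SYN | ACK) == SYN

def is_established(pkt):
    """Stateless flag test (ACK or RST set); it does not track real connections."""
    return bool(pkt["flags"] & (ACK | RST))

def service(port):
    return (f"setup:{port}", lambda p: is_setup(p) and p["dport"] == port, "allow")
ESTABLISHED = ("established", is_established, "allow")
DEFAULT_DENY = ("default", lambda p: True, "deny")
SERVICES = [service(22), service(25), service(80)]  # hypothetical allowed services
LATE = SERVICES + [ESTABLISHED, DEFAULT_DENY]       # established tested last
EARLY = [ESTABLISHED] + SERVICES + [DEFAULT_DENY]   # established tested first

def evaluate(rules, pkt):
    """Return (action, number of rule tests) for the first matching rule."""
    for tests, (_name, match, action) in enumerate(rules, start=1):
        if match(pkt):
            return action, tests
    raise AssertionError("rule list must end with a catch-all")

def run(rules, packets):
    """Filter packets; return verdicts, connection log, mean tests per packet."""
    verdicts, log, total = [], [], 0
    for pkt in packets:
        action, tests = evaluate(rules, pkt)
        verdicts.append(action)
        total += tests
        if is_setup(pkt):  # one log entry per connection attempt, not per segment
            log.append((pkt["dport"], action))
    return verdicts, log, total / len(packets)

def sample_traffic():
    """Constructed traffic: three connections of 1 SYN + 9 ACK segments, one stray SYN."""
    packets = []
    for port in (22, 25, 80):
        packets.append({"dport": port, "flags": SYN})
        packets += [{"dport": port, "flags": ACK}] * 9
    packets.append({"dport": 23, "flags": SYN})
    return packets

if __name__ == "__main__":
    for label, rules in (("late", LATE), ("early", EARLY)):
        print(label, run(rules, sample_traffic())[1:])
```

Both orderings give identical verdicts and the same four-entry connection log for 31 packets; only the mean number of tests per packet changes.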