Date: Mon, 18 May 2009 22:11:12 -0700 From: mehma sarja <mehmasarja@gmail.com> To: Maciej Milewski <milu@dat.pl> Cc: ysidhu@ucolick.org, freebsd-pf@freebsd.org Subject: Re: Testing new firewall to replace operational firewall Message-ID: <ec5d34680905182211n228bde4ale302ab1e5c2d29a3@mail.gmail.com> In-Reply-To: <200905181114.24507.milu@dat.pl> References: <ec5d34680905172320r60aef0a6r3b37d0ace7cdec94@mail.gmail.com> <200905181114.24507.milu@dat.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
Maciej, Thanks for answering one question. Now, does anyone know anything about "modulated state" running on tandem firewalls causing problems? Yudhvir =3D=3D=3D 2009/5/18 Maciej Milewski <milu@dat.pl> > Monday 18 May 2009 08:20:40 mehma sarja napisa=B3(a): > > SECOND > > Are the "flags S/SA" altq functions? Because, as I said before, the new > > firewall is FreeBSD GENERIC kernel with altq not compiled in. > No, they aren't as far as I know. Altq is a mechanism using for > queuing/traffic shaping. If you don't compile it it just can't be used. F= or > more info please look at PF FAQ or pf manual. > > > S/SA is from flags and means SYN and ACK. > Handbook says "FreeBSD 7.X -- PF is at OpenBSD 4.1" So this option (flags > S/SA) is set by default. If you omit it in config it will be set. > > > > Best Regards, > Maciej Milewski >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ec5d34680905182211n228bde4ale302ab1e5c2d29a3>