From: "R. Tyler Croy"
To: freebsd-hackers
Date: Mon, 25 Nov 2013 10:12:32 -0800
Subject: Do pfil(9) hooks receive TCP retransmissions?
Message-ID: <20131125181232.GB6275@kiwi.coupleofllamas.com>

I'm looking at the pfil(9) interface to accomplish some packet inspection tasks, but the man page leaves some ambiguity in this case. If the hooks are not invoked multiple times for retransmissions then I can imagine it being relatively "simple" to implement a basic firewall with these hooks without implementing loads of state tracking for packets.

I would appreciate any guidance the list can offer on using pfil(9) :)

Cheers
- R. Tyler Croy

--------------------------------------
Code: https://github.com/rtyler
Chatter: https://twitter.com/agentdero
rtyler@jabber.org