Date: Sat, 12 Apr 2003 14:40:31 +0100 From: Jeff Penn <jeff@jrpenn.demon.co.uk> To: freebsd-questions@freebsd.org Subject: Re: Firewall Rules/connection troubles Message-ID: <20030412134031.GA94973@jrpenn.demon.co.uk> In-Reply-To: <20030412053057.GB65034@gothmog.gr> References: <200304120023.h3C0NtvN036040@server1.shellworld.net> <20030412053057.GB65034@gothmog.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Apr 12, 2003 at 08:30:57AM +0300, Giorgos Keramidas wrote: > > h. You're blocking fragments. It's not always a good idea. Provided most rules use check-state, and the 'deny frag' rule follows the check-state rules, won't valid fragments be passed by dynamic rules?. Jeff
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030412134031.GA94973>