Do pfil(9) hooks receive TCP retransmissions?
Jan Bramkamp
crest at rlwinm.de
Tue Nov 26 00:31:45 UTC 2013
On 25.11.2013 19:12, R. Tyler Croy wrote:
>
> I'm looking at the pfil(9) interface to accomplish some packet inspection
> tasks, but the man page leaves some ambiguity in this case.
>
> If the hooks are not invoked multiple times for retransmissions then I can
> imagine it being relatively "simple" to implement a basic firewall with these
> hooks without implementing loads of state tracking for packets.
>
>
> I would appreciate any guidance the list can offer on using pfil(9) :)
>
Why do you want to reinvent the wheel? What requires you to start from
scratch with pfil(9)?
More information about the freebsd-hackers
mailing list