Testing new firewall to replace operational firewall
Maciej Milewski
milu at dat.pl
Mon May 18 09:33:43 UTC 2009
Monday 18 May 2009 08:20:40 mehma sarja napisał(a):
> SECOND
> Are the "flags S/SA" altq functions? Because, as I said before, the new
> firewall is FreeBSD GENERIC kernel with altq not compiled in.
No, they aren't as far as I know. Altq is a mechanism using for
queuing/traffic shaping. If you don't compile it it just can't be used. For
more info please look at PF FAQ or pf manual.
S/SA is from flags and means SYN and ACK.
Handbook says "FreeBSD 7.X -- PF is at OpenBSD 4.1" So this option (flags
S/SA) is set by default. If you omit it in config it will be set.
Best Regards,
Maciej Milewski
More information about the freebsd-pf
mailing list