how to forbid to process IP, which are fragmentation?

Chuck Swiger cswiger at mac.com
Sat Apr 22 13:19:01 UTC 2006

Previous message: how to forbid to process IP, which are fragmentation?
Next message: Putting /tmp on a separate volume?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrew Wingorodov wrote:
> how to forbid to process IP, which are fragmentation?

   ipfw add deny all from any to any frag

...but please be very sure that you are passing the ICMP message types used for 
path MTU discovery, or else your network may become a "notwork", at least as far 
as large packet sizes are concerned.

-- 
-Chuck

Previous message: how to forbid to process IP, which are fragmentation?
Next message: Putting /tmp on a separate volume?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the freebsd-questions mailing list