ipfilter "flags s keep state" question
dick hoogendijk
dick at nagual.st
Tue Feb 15 21:36:23 GMT 2005
I read a lot of rulesets for ipfilter just to study how others do the
job.
I've read the ipf HOWTO too. One thing is still very unclear to me
though.
Most rules for tcp have something like "flags S keep state" but *some*
have "flags S keep state keep frags"
Can someone explain to me *when* to use keep frags and when not to? The
HOWTO is very unclear about this. What exactly is the use of this extra
'keep frags'?
--
dick -- http://nagual.st/ -- PGP/GnuPG key: F86289CE
++ Running FreeBSD 4.11 ++ FreeBSD 5.3
+ Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja
More information about the freebsd-questions
mailing list