Mike Tancsa <mike at sentex.net> writes: > Is [scrub in all] the only pf option that will work, or is scrub > fragment reassemble sufficient ? "fragment reassemble" is implicit, but if you leave out "in" it will also scrub outgoing traffic, which is wasteful. DES -- Dag-Erling Smørgrav - des at des.no