FreeBSD Security Advisory FreeBSD-SA-14:08.tcp

Dag-Erling Smørgrav des at des.no
Fri May 2 09:50:14 UTC 2014


Mike Tancsa <mike at sentex.net> writes:
> Is [scrub in all] the only pf option that will work, or is scrub
> fragment reassemble sufficient ?

"fragment reassemble" is implicit, but if you leave out "in" it will
also scrub outgoing traffic, which is wasteful.

DES
-- 
Dag-Erling Smørgrav - des at des.no


More information about the freebsd-security mailing list