I've found the following in the archives. Is the situation still the
same with
reassemble tcp?
My only scrub rule (in firewall/router) is
match in all scrub (no-df random-id reassemble tcp max-mss 1440)
Should I be worried?
Thanks
G
List: openbsd-misc
Subject: Re: pf: reassemble tcp
From: Henning Brauer <lists-openbsd () bsws ! de>
Date: 2010-01-14 1:46:17
Message-ID: 20100114014617.GH3135 () nudo ! bsws ! de
[Download message RAW]
* nixlists <nixmli...@gmail.com> [2010-01-13 22:56]:
Hi.
I have
match in all scrub (tcp reassemble no-df random-id max-mss 1440)
in my pf.conf (-current)
Unless I remove 'tcp reassemble', one of the web sites (it's a
Windows/IIS) site cannot communicate with me - it hangs loading a
page.
Any ideas?
yeah, don't use reassemble tcp. it's not perfect.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting
