Hello ipfw users and hackers.
I have tried, for many weeks, ng_tag to tag packets for ipfw
filtering. I could make it work fine. However, I have one problem. I
want to make a state that will match any packet, on any protocol,
between the peers. Why? Because all I have, is one packet. And this
06.08.07 @ 23:05 Eduardo Meyer wrote:
I have tried, for many weeks, ng_tag to tag packets for ipfw
filtering. I could make it work fine. However, I have one problem. I
want to make a state that will match any packet, on any protocol,
between the peers. Why? Because all I have, is one packet
will match any packet, on any protocol,
> > between the peers. Why? Because all I have, is one packet. And this
> > packet however, wont always be in the same transport protocol.
> >
> > For example, I can identify session initialization on TCP packets, but
> > once
19.08.07 @ 21:51 Eduardo Meyer wrote:
Yes, dynamic rules in ipfw are not intended for supporting state created
in the middle of the session, wuth the default sysctl settings it will
be
kept for 1 second (which, however, is enough for shaping of fast
transfers). I think, precise controlling of
