> you must be cofnused here. dunno. people rarely have problems in that
> area.
Hmm, maybe, I'm, truly, too stupid to work with PF ...
I'll re-test on clean environment it and write to the list.
> i thought we did that with -vv or so
hmm ... alas, no such warnings with -vv:
evil# pfctl -vv -f /et
* Ilya A. Kovalenko <[EMAIL PROTECTED]> [2007-09-19 16:30]:
> 1. States handling
> 1.1 Too complex (and weak documented)
you must be cofnused here. dunno. people rarely have problems in that
area.
> 1.2 Too restictive (without option to weak restrictions)
> You cannot use PF's stateful inspe
On 2007/09/19 21:45, Mark Fordham wrote:
> scrub in
> scrub out on $ext_if max-mss 1440
> set mtu max 1440
> set mru max 1440
MSS is the number of bytes of *payload*
MTU includes the headers as well
lower the max-mss value to 1400 or slightly less.
Hi All
To reproduce the stalling problem I am doing an FTP download from my local
ISP. The stalled transfer shows duplicate acks when analyzed with wireshark
expert info composite.
To rule out the hardware I used IPCop which works fine.
I thought it might be a window scaling misconfiguration but
Jeff Santos wrote:
> Hi there,
>
> I am going to try this list because I think what I
> am facing is somehow related to PF and because I am
> almost desperate to solve this.
>
> I have firewall running OpenBSD 4.1-STABLE and the
> following daemons: spamd, dhcpd, routed and named.
>
> It has 3
Hi, all.
Simple question
Say, I have:
# ifconfig em1
em1: flags=8843 mtu 1500
options=4b
inet q broadcast 80.0.0.31
inet 80.0.0.28 netmask 0x broadcast 80.0.0.28
inet 80.0.0.29 netmask 0x broadcast 80.0.0.29
inet 80.0.0.30 netmask 0