tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: MSS clamping in NPF

To: tech-net%netbsd.org@localhost, Christos Zoulas <christos%zoulas.com@localhost>
Subject: Re: MSS clamping in NPF
From: Egerváry Gergely <gergely%egervary.hu@localhost>
Date: Sun, 15 Jan 2017 14:10:11 +0100

The problem is I have circa 500 filter rules. I can't apply "norm"
on all rules that can ever pass a packet on pppoe0.


... or, I have to rework all of my rules: do all of the filtering on
packet ingress, and do _only_ the normalization on the egress.

It sounds easy with a few rules, but can be hard with 12 interfaces,
about 60 subnets, etc.

--
Gergely EGERVARY

Follow-Ups:
- Re: MSS clamping in NPF
  - From: Christos Zoulas

References:
- MSS clamping in NPF
  - From: Egerváry Gergely
- Re: MSS clamping in NPF
  - From: Joerg Sonnenberger
- Re: MSS clamping in NPF
  - From: Egerváry Gergely

Prev by Date: Re: MSS clamping in NPF
Next by Date: NPF tuning
Previous by Thread: Re: MSS clamping in NPF
Next by Thread: Re: MSS clamping in NPF
Indexes:

Home | Main Index | Thread Index | Old Index