Re: MSS clamping in NPF

To: Egerváry Gergely <gergely%egervary.hu@localhost>, tech-net%netbsd.org@localhost
Subject: Re: MSS clamping in NPF
From: christos%zoulas.com@localhost (Christos Zoulas)
Date: Sun, 15 Jan 2017 10:59:55 -0500

On Jan 15,  2:10pm, gergely%egervary.hu@localhost (=?UTF-8?Q?Egerv=c3=a1ry_Gergely?=) wrote:
-- Subject: Re: MSS clamping in NPF

| > The problem is I have circa 500 filter rules. I can't apply "norm"
| > on all rules that can ever pass a packet on pppoe0.
| 
| ... or, I have to rework all of my rules: do all of the filtering on
| packet ingress, and do _only_ the normalization on the egress.
| 
| It sounds easy with a few rules, but can be hard with 12 interfaces,
| about 60 subnets, etc.

Rmind, any ideas?

christos

References:
- Re: MSS clamping in NPF
  - From: Egerváry Gergely

Prev by Date: Re: NPF tuning
Next by Date: Re: NPF tuning
Previous by Thread: Re: MSS clamping in NPF
Next by Thread: Re: MSS clamping in NPF
Indexes:

Home | Main Index | Thread Index | Old Index