Date: Mon, 25 Nov 2013 10:12:32 -0800 From: "R. Tyler Croy" <tyler@monkeypox.org> To: freebsd-hackers <freebsd-hackers@freebsd.org> Subject: Do pfil(9) hooks receive TCP retransmissions? Message-ID: <20131125181232.GB6275@kiwi.coupleofllamas.com>
next in thread | raw e-mail | index | archive | help
--XOIedfhf+7KOe/yw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
I'm looking at the pfil(9) interface to accomplish some packet inspection
tasks, but the man page leaves some ambiguity in this case.
If the hooks are not invoked multiple times for retransmissions then I can
imagine it being relatively "simple" to implement a basic firewall with these
hooks without implementing loads of state tracking for packets.
I would appreciate any guidance the list can offer on using pfil(9) :)
Cheers
- R. Tyler Croy
--------------------------------------
Code: https://github.com/rtyler
Chatter: https://twitter.com/agentdero
rtyler@jabber.org
--XOIedfhf+7KOe/yw
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
iEYEARECAAYFAlKTkxAACgkQFCbH3D9R4W+LbgCfTcxl8JkYuKIeXAK6sLVi18w1
9DUAn11/pCTXf6ezCwbQ1ggTwqTfNxWK
=c9Rg
-----END PGP SIGNATURE-----
--XOIedfhf+7KOe/yw--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20131125181232.GB6275>