From owner-freebsd-questions@FreeBSD.ORG  Tue Feb 15 21:36:23 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D4D1416A4CE
	for <freebsd-questions@freebsd.org>;
	Tue, 15 Feb 2005 21:36:23 +0000 (GMT)
Received: from nagual.st (cc20684-a.assen1.dr.home.nl [217.122.132.217])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 20AFE43D1F
	for <freebsd-questions@freebsd.org>;
	Tue, 15 Feb 2005 21:36:23 +0000 (GMT)	(envelope-from dick@nagual.st)
Received: from pooh.nagual.st (pooh.nagual.st [192.168.11.22])
  by nagual.st with esmtp; Tue, 15 Feb 2005 22:36:22 +0100
Date: Tue, 15 Feb 2005 22:36:21 +0100
From: dick hoogendijk <dick@nagual.st>
To: freebsd-questions@freebsd.org
Message-Id: <20050215223621.4f7790d8.dick@nagual.st>
Organization: nagual SiTe
X-Mailer: Sylpheed version 1.0.1 (GTK+ 1.2.10; i386-portbld-freebsd4.11)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: ipfilter "flags s keep state" question
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Feb 2005 21:36:23 -0000

I read a lot of rulesets for ipfilter just to study how others do the
job.
I've read the ipf HOWTO too. One thing is still very unclear to me
though.
Most rules for tcp have something like "flags S keep state" but *some*
have "flags S keep state keep frags"

Can someone explain to me *when* to use keep frags and when not to? The
HOWTO is very unclear about this. What exactly is the use of this extra
'keep frags'?

-- 
dick -- http://nagual.st/ -- PGP/GnuPG key: F86289CE
++ Running FreeBSD 4.11 ++ FreeBSD 5.3
+ Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja