Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 22 Feb 2007 14:30:30 +0000
From:      RW <fbsd06@mlists.homeunix.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: PF slowing down file copies
Message-ID:  <20070222143030.0b858e86@gumby.homeunix.com>
In-Reply-To: <19861fba0702211038p3144271ey1e30cf67311678ef@mail.gmail.com>
References:  <200702202021.55723.pablo.fernandez@rs.com.ar> <19861fba0702211038p3144271ey1e30cf67311678ef@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Wed, 21 Feb 2007 19:38:39 +0100
J65nko <j65nko@gmail.com> wrote:

> For keeping state on TCP connections you should only create state on
> the first packet of the 3 way TCP handshake. Using "flags S/SA" will
> ensure this. This will prevent problems with TCP windows scaling..

Why? Creating a state entry causes subsequent packets, in the same tcp
connection, to bypass the rules altogether.




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20070222143030.0b858e86>