From owner-freebsd-stable@FreeBSD.ORG Thu Dec 14 00:11:30 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id ACA3D16A63C for ; Thu, 14 Dec 2006 00:11:30 +0000 (UTC) (envelope-from petefrench@ticketswitch.com) Received: from mail.ticketswitch.com (mail.ticketswitch.com [194.200.93.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id 587D44409A for ; Thu, 14 Dec 2006 00:03:43 +0000 (GMT) (envelope-from petefrench@ticketswitch.com) Received: from [172.16.1.6] (helo=dilbert.ticketswitch.com) by mail.ticketswitch.com with esmtp (Exim 4.60 (FreeBSD)) (envelope-from ) id 1Gue5h-000MCW-9Y; Thu, 14 Dec 2006 00:04:49 +0000 Received: from petefrench by dilbert.ticketswitch.com with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Gue5h-0002pv-45; Thu, 14 Dec 2006 00:04:49 +0000 To: spork@bway.net In-Reply-To: <20061213152911.L95481@sporker.bway.net> Message-Id: From: Pete French Date: Thu, 14 Dec 2006 00:04:49 +0000 Cc: freebsd-stable@freebsd.org Subject: Re: pf killing NFS X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Dec 2006 00:11:30 -0000 > I pulled the "scrub in all" line and replaced it with a "scrub in on > bge0". I don't really care about scrubbing on the internal network. All > works as expected now. I dont really care about scrubbing my intrenal nbetwork either - but I do care about NAT working on the outside, which requires fragment reassembly before the packets go out - hence I scrub to reassemble any fragmented packets comming into the machine. I dont know if this is actually necessary or not, but I thought it best to be on the safe side! -pete.