Subject: Re: question regarding tcp reassembly and ipfilter
To: None <tech-net@netbsd.org>
From: Miles Nordin <carton@Ivy.NET>
List: tech-net
Date: 03/07/2005 15:41:50

>>>>> "at" == Adayadil Thomas <adayadil.thomas@gmail.com> writes:

    at> Does ipfilter perform tcp stream reassembly ?

    at> If yes, does ipfilter use the same tcp reassembly code that a
    at> normal unix end system would use ?

I think it does not, and is self-contained, but I don't read the ipfilter
code.

I know that the active FTP proxy on PF (not ipfilter) runs in user
space, so it ends up using the same TCP code as the rest of the system
to reassemble the FTP control circuit.  But that happens in a very
sysadmin-visible way, through your running /usr/pkg/libexec/ftp-proxy
from inetd.conf.

That is maybe not the way you expected when you asked the question.
