Re: MSS clamping in NPF

To: Egerváry Gergely <gergely%egervary.hu@localhost>
Subject: Re: MSS clamping in NPF
From: Mindaugas Rasiukevicius <rmind%netbsd.org@localhost>
Date: Sun, 15 Jan 2017 13:56:31 +0000

Egerváry Gergely <gergely%egervary.hu@localhost> wrote:
> ...
> 
> And that's all! MTU and MSS has nothing to do with filter rules.
> They are related to the specific interface.

I agree that that MSS clamping would often be per interface.

> #1) Implement `scrub' as in PF
> (Normalization will be independent from filter rules)
> 
> #2) Implement `match` as in newer PF releases
> (Normalization is done with special filter rules that does not stop
> processing other filter rules)
> 
> ... or, any better ideas?

I am thinking to implement the equivalent of "match" functionality.
Internally, a group is just a rule, so it could have rule procedures
associated as well.

-- 
Mindaugas

References:
- MSS clamping in NPF
  - From: Egerváry Gergely

Prev by Date: Re: NPF tuning
Next by Date: Re: NPF tuning
Previous by Thread: Re: MSS clamping in NPF
Next by Thread: NPF tuning
Indexes:

Home | Main Index | Thread Index | Old Index