Re: NPF: fast kick

To: Maxime Villard <max%m00nbsd.net@localhost>
Subject: Re: NPF: fast kick
From: Mindaugas Rasiukevicius <rmind%netbsd.org@localhost>
Date: Tue, 13 Mar 2018 19:48:26 +0000

Maxime Villard <max%m00nbsd.net@localhost> wrote:
> The change I made was exactly your first sentence: perform minimum sanity
> checks, to ensure the basic operation of NPF. If the basic operation
> cannot be assured, then fast-kick the packet.
> 
> If you pass the packet to the ruleset machinery, things can go wrong,
> because the basic operation of the machinery cannot be assured.

And why not?

-- 
Mindaugas

Follow-Ups:
- Re: NPF: fast kick
  - From: Maxime Villard

References:
- NPF: fast kick
  - From: Maxime Villard
- Re: NPF: fast kick
  - From: Mindaugas Rasiukevicius
- Re: NPF: fast kick
  - From: Maxime Villard
- Re: NPF: fast kick
  - From: Mindaugas Rasiukevicius
- Re: NPF: fast kick
  - From: Maxime Villard
- Re: NPF: fast kick
  - From: Mindaugas Rasiukevicius
- Re: NPF: fast kick
  - From: Maxime Villard

Prev by Date: Re: NPF: TCP options
Next by Date: Re: NPF: fast kick
Previous by Thread: Re: NPF: fast kick
Next by Thread: Re: NPF: fast kick
Indexes:

Home | Main Index | Thread Index | Old Index