[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: source limit

Just as a note (i don't want to do more OT but a clarify note is needed).
IPFW don't check ISN and/or windows size in it statuful engine and in IPFW2
are kept in meomory and checked only to send realtive 'keep alive' signal.
This is not due to broken code but only to a choice.
Maybe the choice could be discussed on but this is not the place.
>-- Messaggio Originale --
>From: "NortonNg" <[email protected]>
>To: "Jedi/Sector One" <[email protected]>
>Cc: <[email protected]>
>Subject: Re: source limit
>Date: Mon, 17 Mar 2003 18:43:22 +0800
>not need to predirect TCP ISNs for ipfw !
>ipfw doesn't store any TCP ISN in ipfw dynamic state!!
>and finally with TCP flags RST. It work in ipfw!!
>for ipfw2. it seems that it may work!  the sequence checking in ipfw2 still
>doesn't check completely like pf or ipfilter.
Tiscali ADSL, fino a 9 MESI GRATIS sull'offerta Tiscali ADSL Light Mega!
Tiscali ADSL non teme confronti! Abbonati subito.