[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: simple question: pfctl -vvsq



On Monday, Jun 2, 2003, at 21:05 US/Pacific, Dave St.Germain wrote:

Another question: what is the difference between saying flags S/SA and S/SAFR
when it comes to queueing? Or just in general?

If you're using scrub, no difference to filtering; the scrub code already
deals with illegal TCP flag combinations. If you're not scrubbing packets,
the second would be a more accurate match for a connection-creating packet.


No impact on queueing either way.