|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Daniel Hartmeier (dhartmei_at_cvs.openbsd.org)
Date: Wed Feb 12 2003 - 14:43:36 CST
CVSROOT: /cvs
Module name: src
Changes by: dhartmei
cvs.openbsd.org 2003/02/12 13:43:36
Modified files:
sys/net : pf_norm.c
Log message:
Address the NFS problems recently discussed in various threads.
Change semantics of scrub option 'no-df' slightly: if the option is used,
it now also applies to _fragments_ with IP_DF set, not just to complete
packets. Hence, adding 'no-df' to 'scrub in all fragment reassemble'
allows to clear IP_DF from fragments, so they don't get dropped but
reassembled.
This affects several UDP protocols that used PMTU discovery, mostly
Linux' NFS implementation. In short, if you have 'scrub in all' now,
you probably want to change that to 'scrub in all no-df', unless you
want to drop fragments with IP_DF set (some people have good reasons
to do the latter, hence the non-default option).
ok frantzen, henning, cedric
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]