DragonFly users List (threaded) for 2009-08
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
Re: PF on dragonflybsd
| From: | Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx> |
| Date: | Sat, 15 Aug 2009 08:44:55 -0700 (PDT) |
The biggest difference, apart from our PF being fairly old, is that
keep state is not the default. But we have a directive to set the
default (I think OpenBSD doesn't).
So in a DragonFly pf.conf you would say (near the top):
set keep-policy keep state (pickups)
And then keep state would be the default. pickups is a DragonFly
directive which I don't know if OpenBSD picked up or not (heh).
It fixes the problem of rebooting the router box running PF causing
all TCP connections going through the router to drop. Without it
keep state on the TCP connections will throw existing connections
away because it doesn't see the SYNs or know the TCP window size.
DragonFly's PF also has a fair-share scheduler (which I wrote).
-Matt
- References:
- PF on dragonflybsd
- From: Siju George <sgeorge.ml@gmail.com>
- PF on dragonflybsd
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]