[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [NFS] Re: pf: to scrub or not to scrub?
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: [NFS] Re: pf: to scrub or not to scrub?
- From: Trond Myklebust <trond_(_dot_)_myklebust_(_at_)_fys_(_dot_)_uio_(_dot_)_no>
- Date: 28 Jul 2002 17:15:38 +0200
- Cc: han_(_at_)_mijncomputer_(_dot_)_nl, NFS_(_at_)_lists_(_dot_)_sourceforge_(_dot_)_net
>>>>> " " == han <han_(_at_)_mijncomputer_(_dot_)_nl> writes:
> Hi, I run an OpenBSD (current) nfs server with a linux nfs
> client (2.4.19-rc3-ac3) and if I turn on the scrub feature
> (reassemble all fragments) of the OpenBSD firewall I get into
> trouble with the nfs-client not being able anymore to
> connect. Perhaps this is something that can be improved in the
> nfs code. This is not urgent since I can tell the firewall to
> only pay attention to fragments from the external interface.
The Linux NFS client just uses a standard UDP socket (Nothing up my
sleeve). No special flags are set beyond those which you will get
from using the standard call 'socket(PF_INET, SOCK_DGRAM, 0)'.
Mind explaining exactly what is causing the OpenBSD 'scrub' filter to
fail to pass these packets?