On Sat, Sep 4, 2010 at 4:29 AM, Fabricio Archanjo <farchanjo@xxxxxxxxx> wrote: > hey all, > is this patch gonna be on kernel tree? > It works fines. Yesterday I was over attack, after applied this patch > my problem was solved. It hasn't dropped real connections. Sometimes i > changed to freebsd due synproxy state on pf. > > > Thanks, Thanks for the test and feedback. No other comments are added after the RFC. Maybe because it lacks the IPv6 support. There is another issue: when calculating MSS, we'd better check the MSS of the forward path too. However, as it works in RAW table, and no DNAT/REDIRECT is performed, we may get the wrong info. -- Regards, Changli Gao(xiaosuo@xxxxxxxxx) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
