OpenBSD/src E2B2uV6 — sys/net pf_norm.c pfvar.h
Fragments for a single connection (a combination of proto,src,dst,af) may easily reuse the fragment id as it is only 16 bit for IPv4. To avoid that pf reassembles them into the wrong packet, throw away stale fragments. With the default timeout this happens after 12,000 newer fragements have been seen. from markus@; OK sashan@
Version | Delta | File | |
---|---|---|---|
1.208 | +24 | -1 | sys/net/pf_norm.c |
1.458 | +9 | -1 | sys/net/pfvar.h |
+33 | -2 | 2 files |