* fragmentation flag
@ 2002-07-10 19:42 Jan Humme
0 siblings, 0 replies; only message in thread
From: Jan Humme @ 2002-07-10 19:42 UTC (permalink / raw)
To: netfilter
I am not sure about the fragmentation option: -f.
I understand that this flag is not needed "if you use connection tracking".
But what exactly is meant by "if you use connection tracking" ? Does it mean:
"if the ip_conntrack module is loaded", or does it mean: "if you have rules
using NEW, ESTABLISHED etc" ?
And is it correct that, in that case, all fragmented packets will be
unfragmented before they hit any chains, so I will not see any unfragmented
packets anyway?
And in case I do need to use the -f option, then in which chains and in which
rules?
BTW: I am using iptables v1.2.1a.
Jan Humme.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2002-07-10 19:42 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2002-07-10 19:42 fragmentation flag Jan Humme
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.