Hi. I switched from 2.2 to 2.4 kernel and now the following proc entry doesn't exist: /proc/sys/net/ipv4/ip_always_defrag I want it to use in a fw environment (I activate this option and then filter all fragments). Is there any equivalent proc option? =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ** RoMaN SoFt / LLFB ** roman@madrid.com http://pagina.de/romansoft ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hi.
I switched from 2.2 to 2.4 kernel and now the following proc entry doesn't exist: /proc/sys/net/ipv4/ip_always_defrag
I want it to use in a fw environment (I activate this option and then filter all fragments).
Is there any equivalent proc option?
Negative. We've had some SuSE-internal discussion about this a few weeks ago already, and it turned out that the kernel does some magic to find out if the packets need to be defragmented or not (basically it always defrags, which I find is suboptimal). It should be necessary to take a closer look at these particular portions of the code, especially in the cases where it doesn't defrag (if at all). Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - -
participants (2)
-
Roman Drahtmueller -
RoMaN SoFt / LLFB!!