* fragmentation flag
@ 2002-07-10 19:42 Jan Humme
0 siblings, 0 replies; only message in thread
From: Jan Humme @ 2002-07-10 19:42 UTC (permalink / raw)
To: netfilter
I am not sure about the fragmentation option: -f.
I understand that this flag is not needed "if you use connection tracking".
But what exactly is meant by "if you use connection tracking" ? Does it mean:
"if the ip_conntrack module is loaded", or does it mean: "if you have rules
using NEW, ESTABLISHED etc" ?
And is it correct that, in that case, all fragmented packets will be
unfragmented before they hit any chains, so I will not see any unfragmented
packets anyway?
And in case I do need to use the -f option, then in which chains and in which
rules?
BTW: I am using iptables v1.2.1a.
Jan Humme.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2002-07-10 19:42 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-07-10 19:42 fragmentation flag Jan Humme
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox