flags tcp and absence of flag
Eduardo Meyer
dudu.meyer at gmail.com
Wed Feb 28 19:48:40 UTC 2007
On 2/28/07, Jeremy C. Reed <reed at reedmedia.net> wrote:
> On Wed, 28 Feb 2007, Eduardo Meyer wrote:
>
> > I need to write a PF rule that does what this IPFW rule does:
> >
> > deny log tcp from any to any tcpflags fin,!syn,!rst,!ack in
> >
> > Someone told me to do this:
> >
> > block drop log in quick from any to any flags F/SRA
>
> This means: look at the SYN, RST, ACK flags but only match if the SYN flag
> is set.
>
> I think you want:
>
> flags F/FSRA
>
> So it will also inspect for the FIN flag.
Translating to human lang, what I want is "look everywhere and match
only packets with fin set but syn, rst and ack unset".
How can I do the "unset" evaluation?
--
===========
Eduardo Meyer
pessoal: dudu.meyer at gmail.com
profissional: ddm.farmaciap at saude.gov.br
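
An added example, not part of the original thread and not pf's own code: a small Python model of the `flags <set>/<mask>` semantics described in pf.conf(5) (only flags in the mask are inspected, and of those exactly the ones in the set must be on), plus a converter from the ipfw `tcpflags` list quoted above. The function names and the sample packets are constructed for illustration.

```python
# Model of pf.conf(5) "flags <set>/<mask>" matching. Illustrative only.
TCP_BITS = {"F": 0x01, "S": 0x02, "R": 0x04, "P": 0x08,
            "A": 0x10, "U": 0x20, "E": 0x40, "W": 0x80}
IPFW_NAMES = {"fin": "F", "syn": "S", "rst": "R",
              "psh": "P", "ack": "A", "urg": "U"}

def bits(letters):
    """Turn a string of PF flag letters into a TCP flags bitmask."""
    value = 0
    for ch in letters.upper():
        value |= TCP_BITS[ch]
    return value

def pf_match(spec, packet_flags):
    """True if a packet carrying packet_flags matches the 'set/mask' spec."""
    want, _, mask = spec.partition("/")
    # Flags outside the mask are ignored; inside it, exactly `want` must be set.
    return (bits(packet_flags) & bits(mask)) == bits(want)

def never_matches(spec):
    """A spec whose set has a flag missing from its mask cannot match anything."""
    want, _, mask = spec.partition("/")
    return (bits(want) & ~bits(mask)) != 0

def ipfw_to_pf(tcpflags):
    """Convert an ipfw tcpflags list such as 'fin,!syn' into PF 'set/mask'."""
    want, mask = [], []
    for item in tcpflags.split(","):
        item = item.strip()
        letter = IPFW_NAMES[item.lstrip("!")]
        mask.append(letter)            # every named flag gets inspected
        if not item.startswith("!"):
            want.append(letter)        # non-negated flags must be set
    return "".join(want) + "/" + "".join(mask)

if __name__ == "__main__":
    spec = ipfw_to_pf("fin,!syn,!rst,!ack")
    print("ipfw rule as PF flags:", spec)
    # Constructed sample packets, written as the flag letters they carry.
    for pkt in ["F", "FA", "FP", "FSRA", "S"]:
        print(f"{pkt:5} F/SRA={pf_match('F/SRA', pkt)!s:5} "
              f"{spec}={pf_match(spec, pkt)}")
    print("F/SRA can never match:", never_matches("F/SRA"))
```

The "unset" test comes from putting a flag in the mask but not in the set: in `F/FSRA`, S, R and A are inspected and must be off, while P and U are left out of the mask and so are ignored.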