Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 're: use "no scrub"' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
re: use "no scrub"
Authored by: patsch on Apr 04, '06 02:26:41AM
following your advice I changed the lines concerning scrubbing in my to pf.conf to these:

#
# the list of "no scrub" hosts is a broad guess. i didn't narrow it down to the only "one" guilty.
#
no scrub in from { images.apple.com, www.mac.com, switch.atdmt.com, metrics.apple.com, swscan.apple.com, phobos.apple.com }
#
# the following two lines are taken from the "inventor" of pf at http://www.benzedrine.cx/pf.conf
#
scrub in on $ext_if all fragment reassemble
scrub out on $ext_if all random-id fragment reassemble

and, yes, you are right: things work that way! thanks!

[ Reply to This | # ]