> that malformed crap. You can also filter on undersize & oversized packets. > Pretty cheap insurance if you ask me, plus it reduces the named load. Is that filtering stateful? I'm asking because I'm wondering what your definition of "oversized packet" is. Mark.