Date: Fri, 1 Jul 2005 05:40:23 GMT From: Mark Andrews <Mark_Andrews@isc.org> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/82806: ipnat doesn't handle out of order fragments. Message-ID: <200507010540.j615eNPt013383@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/82806; it has been noted by GNATS. From: Mark Andrews <Mark_Andrews@isc.org> To: bug-followup@FreeBSD.org, Mark_Andrews@isc.org Cc: Subject: Re: kern/82806: ipnat doesn't handle out of order fragments. Date: Fri, 01 Jul 2005 15:38:38 +1000 I suspect the best fix to this is to attempt reassembly after ipfr_nat_knownfrag() succeeds (there is a additional fragment now) or before calling ipfr_nat_newfrag() and only calling ipfr_nat_newfrag() if the reassembly fails in which case you would also add the fragment to the fragment cache. If reassembly fails stop further processing on this packet and wait for the next fragment.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507010540.j615eNPt013383>