From owner-freebsd-net@FreeBSD.ORG  Sat Sep 24 18:53:27 2011
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E60A3106566B
	for <freebsd-net@freebsd.org>; Sat, 24 Sep 2011 18:53:27 +0000 (UTC)
	(envelope-from sclark46@earthlink.net)
Received: from elasmtp-spurfowl.atl.sa.earthlink.net
	(elasmtp-spurfowl.atl.sa.earthlink.net [209.86.89.66])
	by mx1.freebsd.org (Postfix) with ESMTP id BD08E8FC08
	for <freebsd-net@freebsd.org>; Sat, 24 Sep 2011 18:53:27 +0000 (UTC)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net;
	b=jYv11LEGzHDn4k7CqexMN/IPrjUlhO6z95w5hDtEmbGKgjpNb1ezf1CQLaGiscFl;
	h=Received:Message-ID:Date:From:Reply-To:User-Agent:MIME-Version:To:Subject:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP;
Received: from [69.22.83.66] (helo=joker.seclark.com)
	by elasmtp-spurfowl.atl.sa.earthlink.net with esmtpsa
	(TLSv1:AES256-SHA:256) (Exim 4.67)
	(envelope-from <sclark46@earthlink.net>) id 1R7Wzv-0005im-Bd
	for freebsd-net@freebsd.org; Sat, 24 Sep 2011 14:30:47 -0400
Message-ID: <4E7E21D6.60207@earthlink.net>
Date: Sat, 24 Sep 2011 14:30:46 -0400
From: Stephen Clark <sclark46@earthlink.net>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.1.15) Gecko/20101027 Fedora/3.0.10-1.fc12 Thunderbird/3.0.10
MIME-Version: 1.0
To: freebsd-net@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: a437fbc6971e80f61aa676d7e74259b7b3291a7d08dfec79b59815805e4c3cef010853ae3f18dd38350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 69.22.83.66
X-Mailman-Approved-At: Sat, 24 Sep 2011 19:16:15 +0000
Subject: force reassembly of fragmented packets
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: sclark46@earthlink.net
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Sep 2011 18:53:28 -0000

Hi List,

I am using FreeBSD 6.3 and ipfilter as the FW. When I receive an out 
order fragment
of a UDP packet ipfilter drop its. I have a bimap setup mapping an external
routable address to a private address internal server also running 
FreeBSD 6.3.
Is there some way to force FreeBSD to reassemble the packet before 
passing it to ipfilter?

Thanks,
Steve

-- 

"They that give up essential liberty to obtain temporary safety,
deserve neither liberty nor safety."  (Ben Franklin)

"The course of history shows that as a government grows, liberty
decreases."  (Thomas Jefferson)