Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 09 Jun 2012 01:12:50 -0700
From:      list_freebsd@bluerosetech.com
To:        freebsd-pf@freebsd.org
Subject:   IPv6 fragments firewall support?
Message-ID:  <4FD30582.90506@bluerosetech.com>

next in thread | raw e-mail | index | archive | help
There's a sentence at the end of the "Fragment Handling" section of the 
pf.conf man page:

"Currently, only IPv4 fragments are supported and IPv6 fragments are 
blocked unconditionally."

This is in pf.conf(5) for FreeBSD versions using pf 4.1.  It looks like 
we only have pf 4.5 in HEAD and I believe support for IPv6 fragments 
didn't arrive until OpenBSD 5.0 (after the pf.conf format change).

Is IPv6 fragmentation support still an issue?  I'm chasing down PMTU 
issues and came across this.  If it's the case, it would explain a lot 
of the problems I'm having with UDP over IPv6.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FD30582.90506>