From owner-freebsd-net@FreeBSD.ORG Tue Feb 10 13:48:04 2015 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8C1ACF5D for ; Tue, 10 Feb 2015 13:48:04 +0000 (UTC) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [IPv6:2a01:4f8:131:60a2::2]) by mx1.freebsd.org (Postfix) with ESMTP id 4ADE5F6E for ; Tue, 10 Feb 2015 13:48:04 +0000 (UTC) Received: from [127.0.0.1] (nat.in.devexperts.com [89.113.128.63]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id 41BE856402; Tue, 10 Feb 2015 16:47:53 +0300 (MSK) Message-ID: <54DA0C08.7060006@FreeBSD.org> Date: Tue, 10 Feb 2015 16:47:52 +0300 From: Lev Serebryakov Reply-To: lev@FreeBSD.org Organization: FreeBSD User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0 MIME-Version: 1.0 To: Andre Albsmeier Subject: Re: Problems with IP fragments References: <54C918D2.7090805@FreeBSD.org> <54C91E80.7020407@infracaninophile.co.uk> <54C92222.6000201@FreeBSD.org> <20150209212131.GA32613@schlappy> <54D9E233.1010702@FreeBSD.org> <20150210132652.GA3398@schlappy> In-Reply-To: <20150210132652.GA3398@schlappy> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Cc: freebsd-net , Matthew Seaman , Freddie Cash X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Feb 2015 13:48:04 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 10.02.2015 16:26, Andre Albsmeier wrote: >> reass works for me, but kills all IPv6 packets, so it should be >> "reass ip4 from any to any in [recv $iface]" > > Hmm, I tried again with ipv4 but this doesn't help (I don't use v6 > anyway here). But it seems to work as soon as I switch off layer2 > filtering. Normally I use net.link.ether.ipfw=1 (and, yes, I have > the appropriate arp rules installed). As soon as I switch this to > off, reassembly works. However, I have no idea why the reass code > messes around with layer2... Looks like, reass messes around with anything but ip4 in one way or other. - -- // Lev Serebryakov -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJU2gwHXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePx+cP/2ImVQjlp+Cx9mz6NWCMqTxP /mkArWXRH0R3zpfQAJ+rNCb9bK+7xSDduoKZ1nNolLMIrThKHnkTga6IN5ZG5EV+ S7RfUUFfJSBZMQO47ue2cgLMwAnIDDDqxxfpgZyDjVdPOEsf7Vgm45jr8Vzt1pZe PQq4Cz+JlAdSJKm59QJEeS7mlbOl5rVLV3CEsW1+iWBmqW06cg8Z8oDLY7OqveSt niplV7w1wAFOjjC55emydCfyOzPQBp8eVJYHZ1tCiq0Z8BhojX9/xZIrX54yRWc5 7YkDW7Sm8l1OWlOmzjQhRYXP5eBXGEIQeNHV2ZnO6gnF20up7BxDe7DIxxZef1DL L+oG8RKE0/NyAv0cachvx4Uhlk3VHFmI3xhQJiXdttPbpxfECAlpJtvolGaksSp4 1OQzhkvoXFt3dKlCVVmGo4MIcoKxBgZEEGy5pOUoHXDGkyzogPc1HFjmT+szdqKG Phsk3Dlt5cWYVAxGjpSXlQTpKuozVvkmIdWGBN9bY8xjDOLOFFUsESNI8Zk4PTXH /qP81DcUv06FS/BdC8ZlRtuEBRGbF+jIILA4INlVtxcvmIr7NSNOJnJuJzV/oWhV Hy2cAAhk40LIqm/WzCwDCuxPEL7Xkz83gXEtapnTUwqX3fv+4/mxNFvojOgVKMKe WgOZ7lGwdmOfe+obz+ye =ht4X -----END PGP SIGNATURE-----