Date: Mon, 09 Jul 2007 09:38:30 -0700 From: Mark Atkinson <atkin901@yahoo.com> To: freebsd-pf@freebsd.org Subject: Re: udp fragmentation Message-ID: <f6toab$bf$1@sea.gmane.org> References: <20070528224225.GC40678@registro.br> <20070629000630.GA52912@cdnetworks.co.kr> <200706291431.37159.max@love2party.net> <200706291505.05141.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Max Laier wrote: > On Friday 29 June 2007, Max Laier wrote: > Does anyone know of a tool to generate nasty fragments to really test > this? Reordered / overlapping / etc. ? I generally setup a chain using /usr/ports/security/fragrouter [server]<->[A fragrouter box B]<->[Device under test]<->[client] for the fragrouter box, you have to turn off ip forwarding and run two copies of fragrouter (one for each interface). The first copy is running fragrouter in forward only (A) and the other is running your fragmented packet forwarding (B). You want it so fragmentation is presented to your device under test. Note that you have to use -p (preserve header) for sending any fragments smaller than the protocol header. -- Mark Atkinson atkin901@yahoo.com (!wired)?(coffee++):(wired);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f6toab$bf$1>