Date: Fri, 26 Apr 2013 10:26:10 +0200 (CEST) From: "Rainer Bredehorn" <Bredehorn@gmx.de> To: "net FreeBSD" <freebsd-net@FreeBSD.org> Subject: Aw: PF IPv6 fragment support Message-ID: <trinity-ec81fa0c-6719-4f11-a69f-f1230649794e-1366964770102@3capp-gmx-bs46> In-Reply-To: <trinity-75812dac-8a1d-46c5-90ed-128ee2e785cc-1366357308687@3capp-gmx-bs49> References: <trinity-75812dac-8a1d-46c5-90ed-128ee2e785cc-1366357308687@3capp-gmx-bs49>
next in thread | previous in thread | raw e-mail | index | archive | help
> I'm using FreeBSD 8.3 which doesn't support IPv6 fragments in PF. > Does FreeBSD 9.x PF support IPv6 fragments? > I can't find it in the 9.0 or 9.1 manpages. For pf.conf they are the same as in FreeBSD 8.3. I've modified the kernel PF implementation to pass IPv6 fragments. The first fragment is handled by the PF rules of course ignoring possible checksums. All other fragments are passed by PF to the IP stack. This can be done state-full but reassembling fragments is not supported. That's what I wanted. Rainer.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?trinity-ec81fa0c-6719-4f11-a69f-f1230649794e-1366964770102>