From owner-freebsd-net@FreeBSD.ORG  Fri Apr 26 08:26:12 2013
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 42CF2BB4
 for <freebsd-net@freebsd.org>; Fri, 26 Apr 2013 08:26:12 +0000 (UTC)
 (envelope-from bredehorn@gmx.de)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.19])
 by mx1.freebsd.org (Postfix) with ESMTP id D86F81755
 for <freebsd-net@freebsd.org>; Fri, 26 Apr 2013 08:26:11 +0000 (UTC)
Received: from 3capp-gmx-bs46.server.lan ([172.19.170.98]) by
 mrigmx.server.lan (mrigmx002) with ESMTP (Nemesis) id
 0M1TnD-1UlW8p0p45-00tV8S for <freebsd-net@FreeBSD.org>; Fri, 26 Apr 2013
 10:26:10 +0200
Received: from [93.159.253.121] by 3capp-gmx-bs46.server.lan with HTTP; Fri
 Apr 26 10:26:10 CEST 2013
MIME-Version: 1.0
Message-ID: <trinity-ec81fa0c-6719-4f11-a69f-f1230649794e-1366964770102@3capp-gmx-bs46>
From: "Rainer Bredehorn" <Bredehorn@gmx.de>
To: "net FreeBSD" <freebsd-net@FreeBSD.org>
Subject: Aw: PF IPv6 fragment support
Content-Type: text/plain; charset=UTF-8
Date: Fri, 26 Apr 2013 10:26:10 +0200 (CEST)
Importance: normal
Sensitivity: Normal
In-Reply-To: <trinity-75812dac-8a1d-46c5-90ed-128ee2e785cc-1366357308687@3capp-gmx-bs49>
References: <trinity-75812dac-8a1d-46c5-90ed-128ee2e785cc-1366357308687@3capp-gmx-bs49>
X-UI-Message-Type: mail
X-Priority: 3
X-Provags-ID: V03:K0:80w6oosKg79KW+NQ0WvCDbK+FwoQ8960kOM01JBBJ2u
 I0VubBMuZFGxrnF3g7DBlXYCrFB5XD+0V3U8iQItOPzS1iQzZN
 VyIjt24J0nxq/6giVcE4Mpj05/lXpfOzgLmkZRTv1/8fb9iN3G
 pgnkhX20GN1/dWdPbXkJhRqYLBTlONy9H0ftYoyj0d8rxMY4fH
 vCPkAVcX/fyJOArWaYt1IBU2LhcGMdzsNYqCrvRGFvcDBXtfxC
 QD05a7BAQAy9aENHCT2CuDEST/w5kdVHci80Fzg5cdtdkzLXlC Ubi8VE=
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Apr 2013 08:26:12 -0000


> I'm using FreeBSD 8.3 which doesn't support IPv6 fragments in PF.
> Does FreeBSD 9.x PF support IPv6 fragments?
> I can't find it in the 9.0 or 9.1 manpages. For pf.conf they are the same as in FreeBSD 8.3.

I've modified the kernel PF implementation to pass IPv6 fragments.
The first fragment is handled by the PF rules of course ignoring possible checksums.
All other fragments are passed by PF to the IP stack.
This can be done state-full but reassembling fragments is not supported.

That's what I wanted.

Rainer.