From owner-freebsd-net@FreeBSD.ORG  Fri Apr 26 15:05:25 2013
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id 28BDF614
 for <freebsd-net@freebsd.org>; Fri, 26 Apr 2013 15:05:25 +0000 (UTC)
 (envelope-from thomas@gibfest.dk)
Received: from mail.tyknet.dk (mail.tyknet.dk [IPv6:2a01:4f8:141:52a3:186::])
 by mx1.freebsd.org (Postfix) with ESMTP id DFA581E46
 for <freebsd-net@freebsd.org>; Fri, 26 Apr 2013 15:05:24 +0000 (UTC)
Received: from [10.10.1.100] (unknown [217.71.4.82])
 (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.tyknet.dk (Postfix) with ESMTPSA id 865BAD596E;
 Fri, 26 Apr 2013 17:05:23 +0200 (CEST)
X-DKIM: OpenDKIM Filter v2.5.2 mail.tyknet.dk 865BAD596E
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=gibfest.dk; s=default;
 t=1366988723; bh=zNjVfbZsl1F5Lh7hffNr98/hM99glvh/w5q0+2VIQ74=;
 h=Date:From:To:CC:Subject:References:In-Reply-To;
 b=D/BfhwR7cnp8CNCTuw7XRHnbKRXq52rmLWksyR9JtEa2I9idRx0d6NDWmnMdKHCpw
 5b+UuGEykLVykQSSe+5/iqP4jzdiqBM7bKH/ox3O9NYWP+ncrh+LiwnAhvFaiQ+oCQ
 YEV7mOSUFtBCHn31uumEoO17v4ZLTC182o+uiDc8=
Message-ID: <517A97AB.2050103@gibfest.dk>
Date: Fri, 26 Apr 2013 17:05:15 +0200
From: Thomas Steen Rasmussen <thomas@gibfest.dk>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: Rainer Bredehorn <Bredehorn@gmx.de>
Subject: Re: Aw: PF IPv6 fragment support
References: <trinity-75812dac-8a1d-46c5-90ed-128ee2e785cc-1366357308687@3capp-gmx-bs49>
 <trinity-ec81fa0c-6719-4f11-a69f-f1230649794e-1366964770102@3capp-gmx-bs46>
In-Reply-To: <trinity-ec81fa0c-6719-4f11-a69f-f1230649794e-1366964770102@3capp-gmx-bs46>
X-Enigmail-Version: 1.5.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: freebsd-net@freebsd.org
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Apr 2013 15:05:25 -0000

On 26-04-2013 10:26, Rainer Bredehorn wrote:
>> I'm using FreeBSD 8.3 which doesn't support IPv6 fragments in PF.
>> Does FreeBSD 9.x PF support IPv6 fragments?
>> I can't find it in the 9.0 or 9.1 manpages. For pf.conf they are the same as in FreeBSD 8.3.
> I've modified the kernel PF implementation to pass IPv6 fragments.
> The first fragment is handled by the PF rules of course ignoring possible checksums.
> All other fragments are passed by PF to the IP stack.
> This can be done state-full but reassembling fragments is not supported.
>
> That's what I wanted.
>
> Rainer.

Care to share ? :)

/Thomas