From owner-freebsd-net@FreeBSD.ORG  Fri Nov  7 13:31:06 2014
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 1C55EEC2;
 Fri,  7 Nov 2014 13:31:06 +0000 (UTC)
Received: from venus.codepro.be (venus.codepro.be [IPv6:2a01:4f8:162:1127::2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits))
 (Client CN "*.codepro.be", Issuer "Gandi Standard SSL CA" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id D0FD237C;
 Fri,  7 Nov 2014 13:31:05 +0000 (UTC)
Received: from vega.codepro.be (unknown [172.16.1.3])
 by venus.codepro.be (Postfix) with ESMTP id A2618E20C;
 Fri,  7 Nov 2014 14:31:01 +0100 (CET)
Received: by vega.codepro.be (Postfix, from userid 1001)
 id 9F75D2D1C; Fri,  7 Nov 2014 14:31:01 +0100 (CET)
Date: Fri, 7 Nov 2014 14:31:01 +0100
From: Kristof Provost <kristof@sigsegv.be>
To: Ilya Bakulin <ilya@bakulin.de>
Subject: Re: Checksumming outgoing packets in PF vs in ip[6]_output
Message-ID: <20141107133101.GF2044@vega.codepro.be>
References: <d2f0c43909d9c9bada9a5bda7719cfca@mail.bakulin.de>
 <1415210423.3394438.187470637.21CD8D3D@webmail.messagingengine.com>
 <9355b23f1a07008eca61f16ebd828d0b@mail.bakulin.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <9355b23f1a07008eca61f16ebd828d0b@mail.bakulin.de>
X-PGP-Fingerprint: E114 D9EA 909E D469 8F57  17A5 7D15 91C6 9EFA F286
X-Checked-By-NSA: Probably
User-Agent: Mutt/1.5.23 (2014-03-12)
Cc: freebsd-net@freebsd.org, Mark Felder <feld@freebsd.org>
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Nov 2014 13:31:06 -0000

On 2014-11-05 19:11:55 (+0100), Ilya Bakulin <ilya@bakulin.de> wrote:
> On 2014-11-05 19:00, Mark Felder wrote:
> > Now if we could only stamp out the bug with ipv6 fragment and pf I'd be
> > a happy, happy daemon. :-)
> 
> This is somewhat more complex problem, I'll take a look as the time 
> allows.
> 
I've been playing with it too. I have a patch which seems to be working,
but it currently drops the distinction between PFRULE_FRAGCROP and
PFRULE_FRAGDROP. OpenBSD dropped that a while ago, but I figured FreeBSD
wouldn't want user-visible changes.

I've been meaning to look at that some more but ... ENOTIME.
It's tentatively planned as a project for Chaos Congress (end of
December), but no promises.

If you like I can probably dig up the (non-clean) patches for you.

Regards,
Kristof