Date: Wed, 24 Jan 2001 18:00:10 -0500 (EST) From: Alwyn Goodloe <agoodloe@gradient.cis.upenn.edu> To: Luigi Rizzo <rizzo@aciri.org> Cc: hackers@FreeBSD.ORG Subject: Re: Divert Sockets & Fragmentation Message-ID: <Pine.SOL.4.21.0101241755480.2862-100000@gradient.cis.upenn.edu> In-Reply-To: <200101242245.f0OMjUX20166@iguana.aciri.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I was originally diverting udp packets heading to a particular port then I flushed the ipfw and tried: ipfw add 60000 divert 4422 ip all from any to any in and still no packets are received by recvfrom(). Would the port numbers matter for this case. Alwyn agoodloe@gradient.cis.upenn.edu On Wed, 24 Jan 2001, Luigi Rizzo wrote: > it depends on what template do you use for matching. > the firewall acts before reassembly, so for the fragments you will > not be able to see the port numbers. > > cheers > luigi > > > I have been using divert sockets for a while sending small (< MTU) UDP > > packets and everything worked fine. Now that the UDP packets are larger > > (>MTU = 1500) and hence fragmentation is taking place there seems to be a > > problem. tcpdump tells me that the fragmented packets arrive but it seems > > that they are never diverted. I say this because after they are received > > recvfrom () never gets the packet. I've done things like play with the > > nbytes field of the recvfrom() fn. without any success. Any > > suggestions, I'm sure its something stupid. > > > > > > Alwyn > > agoodloe@gradient.cis.upenn.edu > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-hackers" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.4.21.0101241755480.2862-100000>