Date: Tue, 6 May 1997 15:14:05 -0700 (PDT) From: Archie Cobbs <archie@whistle.com> To: avalon@coombs.anu.edu.au (Darren Reed) Cc: zbs@softec.sk, freebsd-hackers@FreeBSD.ORG Subject: Re: divert still broken? Message-ID: <199705062214.PAA20349@bubba.whistle.com> In-Reply-To: <199705062153.OAA13640@gatekeeper.whistle.com> from Darren Reed at "May 7, 97 07:51:30 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> So long as the packet is a fragment, is at offset 0, then for UDP, it is > either not going to have any header data (ip_len == ip_hl << 2) or it > will have at least both ports (first 4 bytes of the header) - well it > should as fragmenting of data is done on 8 byte boundaries. Should the firewall then always & automatically reject any packet that doesn't have length a multiple of eight? This would be a pretty significant change.. is fragmentation *required* to be on multiples of eight? -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199705062214.PAA20349>