Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 10 Feb 2015 14:26:52 +0100
From:      Andre Albsmeier <andre@fbsd.ata.myota.org>
To:        Lev Serebryakov <lev@FreeBSD.org>
Cc:        Andre Albsmeier <andre@fbsd.ata.myota.org>, Matthew Seaman <m.seaman@infracaninophile.co.uk>, Freddie Cash <fjwcash@gmail.com>, freebsd-net <freebsd-net@freebsd.org>
Subject:   Re: Problems with IP fragments
Message-ID:  <20150210132652.GA3398@schlappy>
In-Reply-To: <54D9E233.1010702@FreeBSD.org>
References:  <54C918D2.7090805@FreeBSD.org> <54C91E80.7020407@infracaninophile.co.uk> <54C92222.6000201@FreeBSD.org> <CAOjFWZ4KVyYe65ggiHxy3SSw7MPMgx-0kD5ccfXOM%2BftwncP1A@mail.gmail.com> <20150209212131.GA32613@schlappy> <54D9E233.1010702@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, 10-Feb-2015 at 13:49:23 +0300, Lev Serebryakov wrote:
> On 10.02.2015 00:21, Andre Albsmeier wrote:
> 
> > The ipfw man page says:
> > 
> > Usually a simple rule like:
> > 
> > # reassemble incoming fragments ipfw add reass all from any to any
> > in
> > 
> > is all you need at the beginning of your ruleset.
> > 
> > However, I could never make this work. It eats all fragments but 
> > the resulting final packet never makes it. I am back to
> > 
> > ipfw -q add 1 pass udp from any to $myip frag in recv $ifc
> > 
> > as I need it only for UDP. Frag reassembly in pf works well on the
> > other hand...
> reass works for me, but kills all IPv6 packets, so it should be "reass
> ip4 from any to any in [recv $iface]"

Hmm, I tried again with ipv4 but this doesn't help (I don't use v6
anyway here). But it seems to work as soon as I switch off layer2
filtering. Normally I use net.link.ether.ipfw=1 (and, yes, I have
the appropriate arp rules installed). As soon as I switch this to
off, reassembly works. However, I have no idea why the reass code
messes around with layer2...

	-Andre

> 
> 
> -- 
> // Lev Serebryakov AKA Black Lion

-- 
"FreeBSD has always been the operating system that
GNU/Linux-based operating systems should have been."
                               - Frank Pohlmann, IBM

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150210132652.GA3398>