AW: Fragmented packets are not redirected
Spenst, Aleksej
Aleksej.Spenst at harman.com
Tue Oct 14 14:17:23 UTC 2014
Hi Kristof,
Thank you for your answer.
I read that "fragment reassemble" is the default behavior of scrub. So, "scrub in" and "scrub in fragment reassemble" is the same. But just to be sure I've also tried it already -> didn't help.
Regards,
Aleksej.
-----Ursprüngliche Nachricht-----
Von: Kristof Provost [mailto:kristof at sigsegv.be]
Gesendet: Dienstag, 14. Oktober 2014 15:57
An: Spenst, Aleksej
Cc: freebsd-pf at freebsd.org
Betreff: Re: Fragmented packets are not redirected
On 2014-10-14 09:33:44 (+0000), Spenst, Aleksej <Aleksej.Spenst at harman.com> wrote:
> It is clear that if the IP fragments are not reassembled at the server
> they cannot be redirected since the redirection rule is written for
> UDP packets. That is why I have this scrub rule at the very beginning
> of my pf.conf:
>
> scrub in on wlan0 all
>
> I thought that this rule should reassemble all the incoming fragments.
> The reassembled UDP packets should be then correctly passed through
> the rdr rule and redirected to my PC. But this does not happen.
>
I think that you want 'scrub in on wlan0 all fragment reassemble'.
Regards,
Kristof
More information about the freebsd-pf
mailing list