Max Laier wrote: > On Friday 29 June 2007, Max Laier wrote: > Does anyone know of a tool to generate nasty fragments to really test > this? Reordered / overlapping / etc. ?
I generally setup a chain using /usr/ports/security/fragrouter [server]<->[A fragrouter box B]<->[Device under test]<->[client] for the fragrouter box, you have to turn off ip forwarding and run two copies of fragrouter (one for each interface). The first copy is running fragrouter in forward only (A) and the other is running your fragmented packet forwarding (B). You want it so fragmentation is presented to your device under test. Note that you have to use -p (preserve header) for sending any fragments smaller than the protocol header. -- Mark Atkinson [EMAIL PROTECTED] (!wired)?(coffee++):(wired); _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
