On 2015-03-16 09:51:55 (-0400), Eric van Gyzen wrote:
> Here is a brainstorm that might give the best of both: Return the
> reassembled packet from PFIL_IN, but with the original fragment chain
> stashed in metadata. Most of the stack operates on the single,
> reassembled packet. ip6_output() s
On 03/13/2015 22:05, Kristof Provost wrote:
> At that point we run into the packet size check, which in ip6_forward()
> is done before the pfil(PFIL_OUT) hook. That means that we'll send an
> ICMP6_PACKET_TOO_BIG error rather than forwarding the packet.
>
> The proposed fix in D1815 is to simply m
On 2015-02-10 00:24:16 (+0100), Kristof Provost wrote:
> On 2015-02-03 21:25:20 (+0100), Kristof Provost wrote:
> > Two of my systems are currently running them, seemingly without
> > problems.
> >
> The initial patch set had problems refragmenting in forwarding
> scenarios. That should be fixed
On 2014-12-18 11:29:01 (+0100), Ilya Bakulin wrote:
> On 2014-11-09 21:15, Kristof Provost wrote:
> > On 2014-11-09 14:30:55 (+0100), Ilya Bakulin wrote:
> >> On 07.11.14, 14:31, Kristof Provost wrote:
> > You can find the patch series here:
> > http://www.sigsegv.be/files/pf_inet6_frag.tar
> > a
On 2014-11-09 21:15, Kristof Provost wrote:
On 2014-11-09 14:30:55 (+0100), Ilya Bakulin wrote:
On 07.11.14, 14:31, Kristof Provost wrote:
You can find the patch series here:
http://www.sigsegv.be/files/pf_inet6_frag.tar
and everything in one big patch here:
http://www.sigsegv.be/files/pf_inet
