On 2011/09/08 13:00, Steffen Wendzel wrote: > Final patch: > > Index: pf_norm.c > =================================================================== > RCS file: /cvs/src/sys/net/pf_norm.c,v > retrieving revision 1.140 > diff -u -p -r1.140 pf_norm.c > --- pf_norm.c 18 Jul 2011 21:03:10 -0000 1.140 > +++ pf_norm.c 8 Sep 2011 10:02:37 -0000 > @@ -1454,4 +1454,7 @@ pf_scrub(struct mbuf *m, u_int16_t flags > if (flags & PFSTATE_RANDOMID && af == AF_INET && > !(h->ip_off & ~htons(IP_DF))) > h->ip_id = htons(ip_randomid()); > + > + /* clear IP reserved flag */ > + h->off &= ~htons(IP_RF); > }
IMO, this should have a flag and config variable associated with it.
