I beg your collective pardons. I didn't notice the netinet6 directory! Old timer ...
Ian On Sat, Oct 25, 2014 at 1:02 PM, Henning Brauer <[email protected]> wrote: > * Ian Grant <[email protected]> [2014-10-25 18:15]: >> #ifdef INET6 >> /* if reassembled packet passed, create new fragments */ >> if (pf_status.reass && action == PF_PASS && *m0 && fwdir == PF_FWD) { >> struct m_tag *mtag; >> >> if ((mtag = m_tag_find(*m0, PACKET_TAG_PF_REASSEMBLED, NULL))) >> action = pf_refragment6(m0, mtag, fwdir); >> } >> #endif >> >> But from pf.c, the fn pf_test is only ever called with fwdir == PF_OUT >> and the only other places from which it is called are in if_bridge.c, >> and they set fwdir to either PF_OUT or PF_IN (aliased as BRIDGE_OUT >> and BRIDGE_IN respectively, when PF is enabled). Therefore fwdir == >> PF_FWD never holds, and so reassembled IPv6 packets are never >> refragmented, contradicting the manual page pf.conf(5). > > you need to improve your grepping skills :) > > netinet6/ip6_forward.c:348: pf_test(AF_INET6, PF_FWD, encif, > &m, NULL) != PF_PASS) { > netinet6/ip6_forward.c:459: if (pf_test(AF_INET6, PF_FWD, rt->rt_ifp, &m, > NULL) != PF_PASS) { > > -- > Henning Brauer, [email protected], [email protected] > BS Web Services GmbH, http://bsws.de, Full-Service ISP > Secure Hosting, Mail and DNS. Virtual & Dedicated Servers, Root to Fully > Managed > Henning Brauer Consulting, http://henningbrauer.com/ >
