ipfw3: accept fragmented packets
Chuck Musser
cmusser at sonic.net
Tue Nov 29 19:15:12 PST 2016
OK, well, looking through the ipfw3(8) source,"frag" isn't mentioned anywhere. It might be
supported by the underlying kernel filter code (didn't look in there yet), but the userland
utility doesn't support it.
> On Nov 29, 2016, at 8:48 AM, Chuck Musser <cmusser at sonic.net> wrote:
>
>
>> On Nov 29, 2016, at 4:13 AM, Renato dos Santos <shazaum at gmail.com> wrote:
>>
>> Well, try with 'any'
>>
>> ipfw3 add 130 set 2 allow any frag via tun0
>>
>>
> Yes, I tried that, It says:
> ipfw3: protocol `any' not recognizable
>
> along with:
> ipfw3 add 130 set 2 allow all frag via tun0
> ipfw3 add 130 set 2 allow ip frag via tun0
> ipfw3 add 130 set 2 allow tcp frag via tun0
>
> These all fail with:
> ipfw3: bad command `frag'
>
> So far, no luck.
More information about the Users
mailing list