On Wednesday 2010-06-09 16:16, Patrick McHardy wrote: >>>> I'd like to be able to sendout a single IP packet with MF flag set. >>>> >>>> When using RAW sockets the packet will get stuck in the >>>> netfilter (NF_INET_LOCAL_OUT nf_defrag_ipv4 reassembly unit) >>>> and wont ever make it out.. >>>> >>>> I made a change which bypass the outgoing reassembly for >>>> RAW sockets, but I'm not sure wether it's too invasive.. >>>> >>> That would break reassembly (and thus connection tracking) for cases >>> where its really intended. >>> >>>> Is there any standard for RAW sockets behaviour? >>>> Or another way around? :) >>>> >>> You could use the NOTRACK target to bypass connection tracking. >> >> I tried the NOTRACK target, but the packet is still going >> throught reassembly, because the RAW filter has lower priority >> then the connection track defragmentation.. > >Right. Blech. That reminds me of http://marc.info/?l=netfilter-devel&m=126581823826735&w=2 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
