On Sun, Jul 29, 2001 at 08:55:18PM -0400, Brad Chapman wrote:
> I am currently completing a port of the Netfilter connection
> tracking subsystem from IPv4 to IPv6. Most of the features in this
> port are complete, except for fragment handling, which is non-
> existent. I am also not entirely sure about how to properly parse
> header chains and extract various extension and layer-4 headers
> for use by the connection tracking subsystem. Enclosed with this
> message are my current efforts regarding IPv6 fragmentation and
> IPv6 header chain parsing.
I'm not sure if your 1:1 attempt of a port is a good idea.
In IPv6, routers do not fragment packets at all.
This clashes with the current way how connection tracking for IPv4 is
implemented in netfilter (defrag at input, refrag at output).
so, don't try to add fragmentation support to the core (nobody will include
it anyway, i guess), but try to implement a connection tracking which works
without that defrag-refrag need.
Live long and prosper
- Harald Welte / laforge@xxxxxxxxxxxx http://www.gnumonks.org
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M-
V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*)