On Tue, Jul 11, 2000 at 01:12:42PM +0200, Stefan Schlott wrote:
> Andi Kleen wrote:
> > > Please tell me that I am wrong, but afaik the netfilter hooks only return
> > > fragmented packets (nf6 hooks are called after fragmentation when sending,
> > > and before defragmentation when receiving a packet).
> > Correct, it occurs after fragmentation.
> *sigh* which is why Lars (and me, too) had to modify the ipv6 module.
> Passing unfragmented packets to nf6 would be really hard to implement
> (as far as I understand the code)... but it would be really nice
> to have an interface which can modify whole packets when sending
> and receiving; the same thing for forwarding would result in an "always
> defragment" option, which would be somewhat "un-ip6-ish" :-)
The problem is that the unfragmented packet does not exist for locally
originated packets. The fragments are directly created from the user space
buffer. About the only way to get an unfragmented packet is to reassemble
it (like the v4 code does). For forwarded packets you would have to do that
anyways (although IPv6 stricly discourages it)