Userspace packet queuing with libipq: ip_conntrack does
not defragment?
Martijn Lievaart
m at rtij.nl
Wed May 9 18:34:22 CEST 2007
Michael Ransburg wrote:
> However, since ip_conntrack is loaded I would expect that
> the packets are defragmented before they are passed to my userspace
> appliation (as indicated here for example:
> http://lists.netfilter.org/pipermail/netfilter/2002-May/034006.html).
> This does not seem the case, i.e., the maximum size of the packets
> which I get (through ->data_len) is 1500 bits.
>
> The len parameter of the ipq_read method is well over 1500, as is the
> buffer size.
Do you actually have packets greater than 1500 bytes? That would mean
you send over loopback, tokenring, etc, but NOT ethernet.
Maybe you are confusing datagram and packet fragmentation. Conntrack
only defragments packets, not datagrams.
HTH,
M4
More information about the netfilter-devel
mailing list