IP Fragmentation (allow?)

Is there a setting(s) for either PF, FreeBSD or both that I can configure and it will implicitly allow IP fragmentation? I want to allow IP fragments across the NAT'd interfaces.
 
If I'm not mistaken both (PF and FreeBSD) will accept them without any configuration. For PF you need to specifically enable fragment re-assembly:
Code:
scrub fragment reassemble
See pf.conf(5)
 
Back
Top