port-sparc64: www.netbsd.org && frags?

Subject: www.netbsd.org && frags?
To: None <port-sparc64@netbsd.org>
From: Adam Bozanich <abozan01@ccsf.edu>
List: port-sparc64
Date: 07/30/2003 20:32:07

Hi all.  Whenever I try to http://www.netbsd.org, ipfilter drops packets
with this:

Jul 30 12:57:59 temple ipmon[111]: 12:57:58.931317 dc0 @0:7 b 204.152.184.116 ->
192.168.x.x PR tcp len 20 (164) frag 144@1336 IN

I believe that this line is grabbing it:

block in log body quick all with short                          head 10

Or maybe it's from default drop.

For some reason I _ONLY_ have this problem with netbsd.org

Does anybody have information on the dangers of letting in these
fragments?

It looks like two packets come with every attempt:

204.152.184.116 -> 192.168.1.100 TCP TTL:53 TOS:0x0 ID:17939 IpLen:20
DgmLen:1356 MF
Frag Offset: 0x0000   Frag Size: 0x0014

204.152.184.116 -> 192.168.1.100 TCP TTL:53 TOS:0x0 ID:17939 IpLen:20
DgmLen:164
Frag Offset: 0x00A7   Frag Size: 0x0014


Am I just being paranoid by droping these? Why only netbsd.org giving
this to me?

-Adam Bozanich