From: "Alastair D'Silva"
To: freebsd-current@freebsd.org
Subject: Libalias Corruption
Date: 16 Feb 2003 23:20:13 +1100
Message-Id: <1045398012.846.21.camel@picard>
Organization: New Millennium Networking

I've had a weird problem since installing 5-CURRENT on my gateway: traffic originating from the gateway is fine, as is UDP from the unregistered network behind it; however, TCP traffic from the unregistered network is dropped. It seems that natd/libalias is corrupting the TCP header.

The firewall works fine, and I have IPFW and divert sockets compiled into the kernel. The same behaviour is exhibited regardless of whether I have my own firewall rules loaded, or am using 'sh /etc/rc.firewall open'.

Outputs below:

picard# uname -a
FreeBSD picard.dyn.newmillennium.net.au 5.0-CURRENT FreeBSD 5.0-CURRENT #11: Sat Feb 15 17:51:58 EST 2003 root@picard.dyn.newmillennium.net.au:/usr/obj/usr/src/sys/PICARD i386

picard# netstat -s | grep 'bad header checksums'
Warning: sysctl(net.inet6.ip6.rip6stats): No such file or directory
        49 bad header checksums

picard# tcpdump -i rl2 host dhcp-194.nmn.cafn
(FTP from windows box behind the gateway)
23:11:55.075298 dhcp-194.nmn.cafn.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
23:11:58.076300 dhcp-194.nmn.cafn.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
23:12:04.085186 dhcp-194.nmn.cafn.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)

picard# tcpdump -i tun0
23:11:55.075912 ppp82.act.padsl.internode.on.net.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
23:11:55.699558 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
23:11:58.076850 ppp82.act.padsl.internode.on.net.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
23:11:58.652724 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
23:11:58.653300 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
.23:12:04.085667 ppp82.act.padsl.internode.on.net.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
23:12:04.585676 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
23:12:04.664324 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
23:12:16.672935 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)

picard# netstat -s | grep 'bad header checksums'
        55 bad header checksums

-- 
Alastair D'Silva           mob: 0413 485 733
Networking Consultant      fax: 0413 181 661
New Millennium Networking  web: http://www.newmillennium.net.au
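
Added example, not part of the original message: a Python script that correlates the two tcpdump captures above by TCP sequence number and lists the replies seen on tun0 that never appear on rl2. The names parse and undelivered_replies are illustrative, and it assumes NAT leaves the initial sequence number unchanged, as both captures show.

```python
import re
from collections import namedtuple

# Packets copied from the tcpdump output in the post (inside = rl2, outside = tun0).
INSIDE_RL2 = """\
23:11:55.075298 dhcp-194.nmn.cafn.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
23:11:58.076300 dhcp-194.nmn.cafn.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
23:12:04.085186 dhcp-194.nmn.cafn.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
"""
OUTSIDE_TUN0 = """\
23:11:55.075912 ppp82.act.padsl.internode.on.net.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
23:11:55.699558 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
23:11:58.076850 ppp82.act.padsl.internode.on.net.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
23:11:58.652724 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
23:11:58.653300 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
23:12:04.085667 ppp82.act.padsl.internode.on.net.1047 > ftp.beastie.tdk.net.ftp: S 2949494356:2949494356(0) win 64240 (DF)
23:12:04.585676 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
23:12:04.664324 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
23:12:16.672935 ftp.beastie.tdk.net.ftp > ppp82.act.padsl.internode.on.net.1047: S 1498138710:1498138710(0) ack 2949494357 win 57344 (DF)
"""

Pkt = namedtuple("Pkt", "src sport dst dport flags seq ack")
PKT_RE = re.compile(
    r"(\S+)\.([^.\s]+) > (\S+)\.([^.\s:]+): (\S+) (\d+):\d+\(\d+\)(?: ack (\d+))?"
)

def parse(capture):
    """Turn tcpdump text lines into Pkt tuples; unparseable lines are skipped."""
    pkts = []
    for line in capture.splitlines():
        m = PKT_RE.search(line)
        if m:
            src, sport, dst, dport, flags, seq, ack = m.groups()
            pkts.append(Pkt(src, sport, dst, dport, flags, int(seq), int(ack) if ack else None))
    return pkts

def undelivered_replies(inside, outside):
    """Replies on the outside interface that answer an inside SYN but never reach the inside."""
    ins, outs = parse(inside), parse(outside)
    # Assumption: NAT rewrites address/port but not the SYN's sequence number,
    # so seq/ack values link packets across the two interfaces.
    syn_seqs = {p.seq for p in ins if p.flags == "S" and p.ack is None}
    delivered = {(p.seq, p.ack) for p in ins if p.ack is not None}
    return [p for p in outs
            if p.ack is not None and p.ack - 1 in syn_seqs
            and (p.seq, p.ack) not in delivered]

if __name__ == "__main__":
    for p in undelivered_replies(INSIDE_RL2, OUTSIDE_TUN0):
        print(f"seen on tun0, missing on rl2: {p.src}.{p.sport} -> {p.dst}.{p.dport} ack {p.ack}")
```

Run on the post's captures it lists all six SYN-ACKs from tun0 as missing on rl2; over the same interval the 'bad header checksums' counter in the post went from 49 to 55.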