Date: Wed, 19 Mar 2008 14:04:28 +0530 From: Girish Venkatachalam <girishvenkatachalam@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: FreeBSD 7.0 and pf Message-ID: <20080319083428.GE28928@saraswathy.madambakam.org> In-Reply-To: <1205909808.7011.9.camel@norman-laptop> References: <1205909808.7011.9.camel@norman-laptop>
next in thread | previous in thread | raw e-mail | index | archive | help
--4Epv4kl9IRBfg3rk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 07:56:48 Mar 19, Norman Maurer wrote: > Hi all, >=20 > im using freebsd 7.0 + gif interfaces + racoon + pf to filter stuff on > my box. After upgrading to freebsd 7.0 I see some strange behavior. I > see packets get dropped because of bad hdr length. The problems only > seems to happen on traffic between the local nets and nets routed via > ipsec. Here is a tcpdump snipped: >=20 > block in on em5: 192.168.175.4.1107 > 192.168.116.6.22: tcp 544 [bad > hdr length 12 - too short, < 20] >=20 > gif interface: > gif5: flags=3D8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1402 > tunnel inet 213.157.17.67 --> 213.23.198.131 > inet 192.168.116.1 --> 192.168.175.1 netmask 0xffffff00=20 >=20 >=20 > Any help is welcome. A TCP header can never be less than 20 bytes. And 12 is odd since all headers are a multiple of 4 bytes (word boundary). Check your MTU of the PPPoE/PPPoA/Ethernet/WiFi or whatever datalink layer. I bet there is a problem there. Best, Girish --=20 "unix soi qui mal y pense" UNIX to him who evil thinks +------------------------------------------------------------------+ | GnuPG key : 0xC7BBF207 | http://wwwkeys.nl.pgp.net | | Fingerprint: 2AFF C264 20CE C80C DDFF CC15 AD3E F190 C7BB F207 | +------------------------------------------------------------------+ --4Epv4kl9IRBfg3rk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (OpenBSD) iD8DBQFH4NAUrT7xkMe78gcRAi87AKDI38Tkx+0lzvP9Vo6Y2p1f1IQHlACgzfs9 cKS+p7ppqQcVOebQ02r6LKc= =VgI4 -----END PGP SIGNATURE----- --4Epv4kl9IRBfg3rk--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080319083428.GE28928>