From owner-freebsd-security Fri Jul 23 14:30: 8 1999 Delivered-To: freebsd-security@freebsd.org Received: from sirius.ctr.columbia.edu (sirius.ctr.columbia.edu [128.59.64.60]) by hub.freebsd.org (Postfix) with ESMTP id 08FD715693 for ; Fri, 23 Jul 1999 14:30:05 -0700 (PDT) (envelope-from wpaul@comet.columbia.edu) Received: from comet.columbia.edu (xylophone.comet.columbia.edu [128.59.68.38]) by sirius.ctr.columbia.edu (8.9.1/8.6.4.287) with ESMTP id RAA00718; Fri, 23 Jul 1999 17:30:04 -0400 (EDT) From: wpaul@comet.columbia.edu (Bill Paul) Received: (from wpaul@localhost) by comet.columbia.edu (8.9.3/8.8.7/COMET) id RAA02570; Fri, 23 Jul 1999 17:30:04 -0400 (EDT) Message-Id: <199907232130.RAA02570@comet.columbia.edu> Subject: Re: wi driver with SKIP In-Reply-To: from Jim Flowers at "Jul 23, 1999 05:16:37 pm" To: jflowers@ezo.net (Jim Flowers) Date: Fri, 23 Jul 1999 17:30:04 -0400 (EDT) Cc: skip-info@skip-vpn.org, freebsd-security@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Of all the gin joints in all the towns in all the world, Jim Flowers had to walk into mine and say: > Ran test between two fbsd boxes, one with SKIP on box A and the other > with SKIP on wi interface (box C) with an intermediate WavePOINT II as in: > > =======Ethernet========= [C] > | | | > [SKIP] [B] [SKIP] > | | | > [A] [W1]--))))[WP-1][WP-2](((([W2] > > W1 and W2 are IEEE/ISA Turbo cards with the wi driver > > Ping requests originating from A are succesfully encapsulated and arrive > at C where they are successfully de-encapsulated causing a ping response > from C that begins the trek back to A. Tcpdump, gets a copy of > the frame through the bpf interface to the wi driver which it correctly > identifies the source and destination addresses and that the IP type is > SKIP (57) but complains that the packet has been truncated and is short > by 120 bytes. With SKIP turned off, transmission is successful in both > directions. Ideally what you ought to do is run tcpdump -n -e -p -x -s1514 -i wi0 on both sides. This will avoid putting the interface into promiscuous mode (changes the operation of the NIC slightly) and will dump out the packet contents. At this point, you show me the packet contents so I can see for myself the difference between how the frame should look and how it ultimately does look. Furthermore, what happens when you ping W2 from W1? > Would have done more but the building that Hillary Clinton is speaking > in front of is next to ours and we got kicked out by the secret service. You know, I've heard plenty of excuses in my time, but this one takes the cake. Not that I'm assusing you of lying, but this is definitely one for the books. -Bill -- ============================================================================= -Bill Paul (212) 854-6020 | System Manager, Master of Unix-Fu Work: wpaul@ctr.columbia.edu | Department of Electrical Engineering Home: wpaul@skynet.ctr.columbia.edu | Columbia University, New York City ============================================================================= "Mulder, toads just fell from the sky!" "I guess their parachutes didn't open." ============================================================================= To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message