Site Navigation

Date:      Thu, 6 Dec 2007 20:13:56 +0900
From:      Pyun YongHyeon <pyunyh@gmail.com>
To:        Lasse Holmberg <lape63@soul.lnet.fi>
Cc:        freebsd-sparc64@freebsd.org
Subject:   Re: 6.3-RC1:  IPFILTER (ipf) firewall not working?
Message-ID:  <20071206111356.GC43643@cdnetworks.co.kr>
In-Reply-To: <20071206103920.GA35717@flipper.lnet.fi>
References:  <20071206103920.GA35717@flipper.lnet.fi>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

On Thu, Dec 06, 2007 at 12:39:20PM +0200, Lasse Holmberg wrote:
 > Hej,
 > 
 > I can't get ipf working with 6.3-RC1, ipmon just keeps logging:
 > 
 > Dec  6 11:50:19 riks ipmon[506]: 11:50:18.378898 hme0 @0:3 b 172.16.0.2,1475 -> 172.16.0.3,22 PR tcp len 20 60 -S IN bad
 > Dec  6 11:50:25 riks ipmon[506]: 11:50:24.378765 hme0 @0:3 b 172.16.0.2,1475 -> 172.16.0.3,22 PR tcp len 20 60 -S IN bad
 > Dec  6 11:50:37 riks ipmon[506]: 11:50:36.378748 hme0 @0:3 b 172.16.0.2,1475 -> 172.16.0.3,22 PR tcp len 20 60 -S IN bad
 > Dec  6 11:51:01 riks ipmon[506]: 11:51:00.378835 hme0 @0:3 b 172.16.0.2,1475 -> 172.16.0.3,22 PR tcp len 20 60 -S IN bad
 > 

Try disabling checksum offload capability of hme(4).
#ifconfig hme0 -txcsum -rxcsum

I vaguely guess there is a bug in ipf as pf(4) works without problems.
-- 
Regards,
Pyun YongHyeon

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071206111356.GC43643>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact