Am Mittwoch, den 19.03.2008, 09:40 +0100 schrieb Norman Maurer: > Am Mittwoch, den 19.03.2008, 14:04 +0530 schrieb Girish Venkatachalam: > > On 07:56:48 Mar 19, Norman Maurer wrote: > > > Hi all, > > > > > > im using freebsd 7.0 + gif interfaces + racoon + pf to filter stuff on > > > my box. After upgrading to freebsd 7.0 I see some strange behavior. I > > > see packets get dropped because of bad hdr length. The problems only > > > seems to happen on traffic between the local nets and nets routed via > > > ipsec. Here is a tcpdump snipped: > > > > > > block in on em5: 192.168.175.4.1107 > 192.168.116.6.22: tcp 544 [bad > > > hdr length 12 - too short, < 20] > > > > > > gif interface: > > > gif5: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1402 > > > tunnel inet 213.157.17.67 --> 213.23.198.131 > > > inet 192.168.116.1 --> 192.168.175.1 netmask 0xffffff00 > > > > > > > > > Any help is welcome. > > > > A TCP header can never be less than 20 bytes. > > > > And 12 is odd since all headers are a multiple of 4 bytes (word > > boundary). > > > > Check your MTU of the PPPoE/PPPoA/Ethernet/WiFi or whatever datalink > > layer. I bet there is a problem there. > > > > Best, > > Girish > > > Maybe the problem is the mtu of the gif interface ( 1402 ) ? > I have a 4 mbit broadband connection ( no dsl ). > > bye > Norman
btw, if i remove pf all works fine :-/ Cheers, Norman _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
