Am Mittwoch, den 19.03.2008, 09:40 +0100 schrieb Norman Maurer:
> Am Mittwoch, den 19.03.2008, 14:04 +0530 schrieb Girish Venkatachalam:
> > On 07:56:48 Mar 19, Norman Maurer wrote:
> > > Hi all,
> > > 
> > > im using freebsd 7.0  + gif interfaces + racoon + pf to filter stuff on
> > > my box. After upgrading to freebsd 7.0 I see some strange behavior. I
> > > see packets get dropped because of bad hdr length. The problems only
> > > seems to happen on traffic between the local nets and nets routed via
> > > ipsec. Here is a tcpdump snipped:
> > > 
> > > block in on em5: 192.168.175.4.1107 > 192.168.116.6.22:  tcp 544 [bad
> > > hdr length 12 - too short, < 20]
> > > 
> > > gif interface:
> > > gif5: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1402
> > >         tunnel inet 213.157.17.67 --> 213.23.198.131
> > >         inet 192.168.116.1 --> 192.168.175.1 netmask 0xffffff00 
> > > 
> > > 
> > > Any help is welcome.
> > 
> > A TCP header can never be less than 20 bytes.
> > 
> > And 12 is odd since all headers are a multiple of 4 bytes (word
> > boundary).
> > 
> > Check your MTU of the PPPoE/PPPoA/Ethernet/WiFi or whatever datalink
> > layer. I bet there is a problem there.
> > 
> > Best,
> > Girish
> > 
> Maybe the problem is the mtu of the gif interface ( 1402 ) ?
> I have a 4 mbit broadband connection ( no dsl ).
> 
> bye
> Norman

btw, if i remove pf all works fine :-/

Cheers,
Norman


_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to