At 18:59 Uhr -0400 26.8.2007, Chris Ross wrote:
[...]
> It looks like it's converting the "port unreachable" to send it
>back, but tcpdump is complaining that the icmp cksum is wrong for the
>packet that the NAT'ing software has generated. Is this a real bug
>in that code, or is something going wrong somewhere and I'm just
>misinterpreting the output of tcpdump?
Let me guess: You have hardware checksumming enabled on the related network
interfaces? Since tcpdump sees outgoing packets before the checksum is
generated, it gets confused. Ignore, or switch off hardware checksum
generation while testing.
HTH,
hauke
--
"It's never straight up and down" (DEVO)
