From owner-freebsd-questions@FreeBSD.ORG  Sun Feb  8 14:59:29 2015
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 478FD949;
 Sun,  8 Feb 2015 14:59:29 +0000 (UTC)
Received: from mail-ig0-x231.google.com (mail-ig0-x231.google.com
 [IPv6:2607:f8b0:4001:c05::231])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 0CA8220B;
 Sun,  8 Feb 2015 14:59:29 +0000 (UTC)
Received: by mail-ig0-f177.google.com with SMTP id z20so11641460igj.4;
 Sun, 08 Feb 2015 06:59:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=q0ybmrFalyIrFK+/UJZ0Vzsfsz9574ILkGjUiPgkDYA=;
 b=vPytLl1pnSIjOaUMwQWEBLI+bSBUC3GOHqAuLoBhWJUL5ZEmgj6PlFraCeauf+qgwX
 GXLtwBrG4InH65F0zayTPFv9V7pm2jVsaxV7Bxrfi8peg0Qa81exorRuMPTlnaSczUrC
 tInmLRyJYuaDcObcTodp18AwjzIwXd9mIzShevR3bHVU9e+fSg+mgncmDO0HAF00aJf7
 SbI8103uawANixlwDTADg4Bfik1n9zITsx7nW7D+NYKnceAHuVzUpDAwsutv2QQl99tT
 IMGkbrV6QYoAan6kdlrN8ktn6EMFC3IUok3Wq/PMb/EdTPjkt1a+9Jwfa1tz9LpjQJd5
 +h5Q==
MIME-Version: 1.0
X-Received: by 10.107.9.91 with SMTP id j88mr21020375ioi.91.1423407568374;
 Sun, 08 Feb 2015 06:59:28 -0800 (PST)
Received: by 10.64.240.36 with HTTP; Sun, 8 Feb 2015 06:59:28 -0800 (PST)
In-Reply-To: <CAJ-Vmon=UzYCqrTAS0C_CSB4sBnsU13TTWae5Wkxvhm01Aoozw@mail.gmail.com>
References: <CALnnSEivExhv=v5jJ3xxFmJANCQs9Y+B7LFyEPeA1wtjk1zJwA@mail.gmail.com>
 <CAJ-Vmo=ggjvGPYqN5QS-cYF5zdLHMZixp7xXunDCE3s8xp2fmQ@mail.gmail.com>
 <CAJ-Vmon=UzYCqrTAS0C_CSB4sBnsU13TTWae5Wkxvhm01Aoozw@mail.gmail.com>
Date: Sun, 8 Feb 2015 15:59:28 +0100
Message-ID: <CALnnSEhKJv67sYb+_VXV0COfLYhtAgNZsy_fGM6PJHsAhCeQ=g@mail.gmail.com>
Subject: Re: HTTPS/TLS issue on a NDIS wrapped NIC
From: Simone Lombardo <evil.lombo@gmail.com>
To: Adrian Chadd <adrian@freebsd.org>
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Feb 2015 14:59:29 -0000

Hi Adrian,

thanks for the reply. I have not seen other side effect other than cited
ones. it works fine also with various P2P and FTP protocols for instance.

I have probed the interface with netstat -id but the dropped and error
packet counters sign 0, so it doesn't seem explicity droppped by the
if_ndis module.
I guess further investigations requires a demo web server to check if it is
the remote peer to discard packets or the nic is falsely reporting their
transmission.

Is there any sysctl or debug feature you know to check if it discarded by
the local upper layers?

Thanks,
Simone

2015-02-07 17:30 GMT+01:00 Adrian Chadd <adrian@freebsd.org>:

> .. or if that isn't breaking things, maybe there's some packet
> corruption going on that triggers encryption failures? Normally a
> corrupted packet would just be dropped by some part of the stack.
>
>
> -adrian
>