Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 4 Nov 2008 01:38:00 -0800
From:      Jeremy Chadwick <koitsu@FreeBSD.org>
To:        Matthias Kellermann <mk@adminlife.net>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: rdr rule does not work (bad hdr length)
Message-ID:  <20081104093800.GA43676@icarus.home.lan>
In-Reply-To: <491012AE.7000409@adminlife.net>
References:  <491012AE.7000409@adminlife.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, Nov 04, 2008 at 10:15:26AM +0100, Matthias Kellermann wrote:
> Hi list,
> 
> I'm trying to set up a simple rdr rule in pf (7.0-RELEASE-p5).
> 
> I have two hosts - host a (192.168.0.250) and host b (192.168.0.10) - in
> a local network and want to forward one port from host a to host b.
> 
> host a is the pf host. This is the rule to redirect traffic from host a
> to b:
> 
> rdr proto tcp from any to 192.168.0.250 port 23 -> 192.168.0.10
> pass log (all) proto tcp from any to 192.168.0.10 port 23 synproxy state
> 
> If I try to get a telnet connection from my client 192.168.0.51 the
> connection gets stuck and nothing happens. This is the output of tcpdump
> on the pflog0 interface:
> 
> # tcpdump -netttvvi pflog0
> 000000 rule 0/0(match): pass in on sis0: (tos 0x10, ttl 64, id 26668,
> offset 0, flags [DF], proto TCP (6), length 60) 192.168.0.51.54460 >
> 192.168.0.10.23: [|tcp]
> 000266 rule 0/0(match): pass out on sis0: (tos 0x10, ttl 64, id 25527,
> offset 0, flags [DF], proto TCP (6), length 44) 192.168.0.51.54460 >
> 192.168.0.10.23:  tcp 24 [bad hdr length 0 - too short, < 20]
> 
> Anybody has an idea whats wrong here?

This is not a pf problem.  tcpdump's snaplen defaults to 56 bytes, which
is too small when reading from pflog.  Use the -s flag to increase the
snaplen to 256 bytes, for example.  

-- 
| Jeremy Chadwick                                jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081104093800.GA43676>