From owner-freebsd-security@FreeBSD.ORG Mon May 12 04:40:56 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0341137B404 for ; Mon, 12 May 2003 04:40:55 -0700 (PDT) Received: from relay2.mecon.ar (relay2.mecon.ar [168.101.16.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id 75CCB43FF9 for ; Mon, 12 May 2003 04:40:53 -0700 (PDT) (envelope-from fernando@mecon.gov.ar) Received: from racing.mecon.ar (racing.mecon.ar [168.101.133.15]) by relay2.mecon.ar (8.12.6p2/8.12.6) with ESMTP id h4CBenBU030632; Mon, 12 May 2003 08:40:50 -0300 (ART) (envelope-from fernando@mecon.gov.ar) Received: from racing.mecon.ar (meyosp.mecon.gov.ar [10.11.0.149]) by racing.mecon.ar (8.12.6/8.12.6) with ESMTP id h4CBeisb029910; Mon, 12 May 2003 08:40:44 -0300 (ART) (envelope-from fernando@mecon.gov.ar) Received: from bal740r0.mecon.gov.ar (bal740r0.mecon.ar [10.11.1.11]) by racing.mecon.ar (8.12.6/8.12.6) with ESMTP id h4CBeiBn029907; Mon, 12 May 2003 08:40:44 -0300 (ART) (envelope-from fernando@mecon.gov.ar) Received: from bal740r0.mecon.gov.ar (localhost [127.0.0.1]) by bal740r0.mecon.gov.ar (8.12.6/8.12.6) with ESMTP id h4CBei8w000349; Mon, 12 May 2003 08:40:44 -0300 (ART) (envelope-from fernando@mecon.gov.ar) Received: (from fpscha@localhost) by bal740r0.mecon.gov.ar (8.12.6/8.12.6/Submit) id h4CBegRJ000348; Mon, 12 May 2003 08:40:42 -0300 (ART) (envelope-from fernando@mecon.gov.ar) X-Authentication-Warning: bal740r0.mecon.gov.ar: fpscha set sender to fernando@mecon.gov.ar using -f Date: Mon, 12 May 2003 08:40:42 -0300 From: Fernando Schapachnik To: Michael Collette Message-ID: <20030512114042.GA321@bal740r0.mecon.gov.ar> References: <200305100617.44245.metrol@metrol.net> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <200305100617.44245.metrol@metrol.net> User-Agent: Mutt/1.4.1i X-OS: FreeBSD 4.7 - http://www.freebsd.org cc: FreeBSD Security Subject: Re: Down the MPD road X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 May 2003 11:40:56 -0000 En un mensaje anterior, Michael Collette escribió: > While connected, when I attempt to browse around the public Internet some > pages just don't load, where others do. No rhyme or reason, and nothing > showing up in my logging of all denied packets via ipfw. For example, I can > hit CNN without a problem, then when I try news.google it never loads a page. > I can hit the main Yahoo page, but any of their other sites won't go. Really > odd. Looks like a MTU problem. I suggest you ping with different packet sizes and see which is the smallest size that doesn't get throught. Some web servers use the Don't Fragment bit on, and packets get discarted. If the application you are interested in works right, maybe it be worth to made some batch on the XP side to alter the routing table so the default route doesn't point to the VPN. Good luck. Fernando.