From owner-freebsd-current@FreeBSD.ORG Mon Aug 20 15:18:13 2007 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9304116A417 for ; Mon, 20 Aug 2007 15:18:13 +0000 (UTC) (envelope-from mistry.7@osu.edu) Received: from mail.united-ware.com (am-productions.biz [69.61.164.22]) by mx1.freebsd.org (Postfix) with ESMTP id 4E50013C45E for ; Mon, 20 Aug 2007 15:18:13 +0000 (UTC) (envelope-from mistry.7@osu.edu) Received: from [192.168.1.100] (cpe-71-72-80-132.columbus.res.rr.com [71.72.80.132]) (authenticated bits=0) by mail.united-ware.com (8.13.8/8.13.8) with ESMTP id l7KFuE4d081152 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 20 Aug 2007 11:56:21 -0400 (EDT) (envelope-from mistry.7@osu.edu) From: Anish Mistry To: David Malone Date: Mon, 20 Aug 2007 11:21:28 -0400 User-Agent: KMail/1.9.6 References: <200708191147.10340.amistry@am-productions.biz> <200708191751.23094.amistry@am-productions.biz> <20070820084759.GA65560@walton.maths.tcd.ie> In-Reply-To: <20070820084759.GA65560@walton.maths.tcd.ie> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1889172.9WWZj0gFI5"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200708201121.37098.mistry.7@osu.edu> X-Virus-Scanned: ClamAV 0.90.3/4005/Sun Aug 19 18:33:30 2007 on mail.united-ware.com X-Virus-Status: Clean Cc: freebsd-current@freebsd.org Subject: Re: Can't create TCP connections to certain IP addresses X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Aug 2007 15:18:13 -0000 --nextPart1889172.9WWZj0gFI5 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Monday 20 August 2007, David Malone wrote: > On Sun, Aug 19, 2007 at 05:51:14PM -0400, Anish Mistry wrote: > > I'm not sure how to do that with the version of m0nowall that the > > router is running. But I can exhibit this behavior on the local > > LAN without going through the router. > > In that case, run a tcpdump on both ends and see if the SYN packet > is arriving at the far end. You might also want to try using > "tcpdump -s0 -v" to check the checksums on the packets (though they > can't always be trusted on the packet's sender if the network card > supports checksum offloading). > > David. There doesn't seem to be checksum offloading on the sender ath0 sender: tcpdump -s0 -v=20 http://am-productions.biz/debug/littleguy.tcpdump.txt =46ar end: tcpdump -s0 -v host 192.168.1.188 http://am-productions.biz/debug/bigguy.tcpdump.txt =2D-=20 Anish Mistry --nextPart1889172.9WWZj0gFI5 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQBGybGBxqA5ziudZT0RAhEUAJ9WbjV7dIVjvxp0/2Cf44QOf/unhgCfbvSd LDxXrdgjc5tjYiXMF2+GK/8= =NomB -----END PGP SIGNATURE----- --nextPart1889172.9WWZj0gFI5--