From owner-freebsd-net@freebsd.org  Thu Jun  9 13:00:21 2016
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id B2082B6EA04;
 Thu,  9 Jun 2016 13:00:21 +0000 (UTC)
 (envelope-from kp@vega.codepro.be)
Received: from venus.codepro.be (venus.codepro.be [IPv6:2a01:4f8:162:1127::2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits))
 (Client CN "*.codepro.be", Issuer "Gandi Standard SSL CA 2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 6E2011C3A;
 Thu,  9 Jun 2016 13:00:20 +0000 (UTC)
 (envelope-from kp@vega.codepro.be)
Received: from vega.codepro.be (unknown [172.16.1.3])
 by venus.codepro.be (Postfix) with ESMTP id AFF701E46C;
 Thu,  9 Jun 2016 15:00:17 +0200 (CEST)
Received: by vega.codepro.be (Postfix, from userid 1001)
 id A7C4880AC; Thu,  9 Jun 2016 15:00:17 +0200 (CEST)
Date: Thu, 9 Jun 2016 15:00:17 +0200
From: Kristof Provost <kp@FreeBSD.org>
To: Slawa Olhovchenkov <slw@zxy.spb.ru>
Cc: stable@freebsd.org, freebsd-net@freebsd.org
Subject: Re: ipfw fwd to closed port
Message-ID: <20160609130017.GA4071@vega.codepro.be>
References: <20160608230240.GA51364@zxy.spb.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20160608230240.GA51364@zxy.spb.ru>
X-Checked-By-NSA: Probably
User-Agent: Mutt/1.6.1 (2016-04-27)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jun 2016 13:00:21 -0000

On 2016-06-09 02:02:40 (+0300), Slawa Olhovchenkov <slw@zxy.spb.ru> wrote:
> Forwarding by ipfw to closed local port generating RST packet with
> incorrect checksun. Is this know ussuse? Need open PR?

Where did you capture the packet? If you've captured the packet on the
machine that generated it tcpdump may indeed claim that the checksum is
wrong, because it's computed by the hardware (so after tcpdump captured
it).

Regards,
Kristof