Date: Fri, 13 Jul 2007 13:03:00 +0400 From: Alexey Sopov <adler@smtp.ru> To: "Scott Ullrich" <sullrich@gmail.com> Cc: freebsd-stable@freebsd.org Subject: Re[2]: Seems like pf skips some packets. Message-ID: <16210282798.20070713130300@smtp.ru> In-Reply-To: <d5992baf0707120856n31c0480aw6209be33820e3e30@mail.gmail.com> References: <241432407.20070712131014@smtp.ru> <d5992baf0707120856n31c0480aw6209be33820e3e30@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>> Why these packets weren't translated by pf nat rules or filtered by pf >> block rule? >> >> Note they appear once in five seconds. Tried to modify frag parameter, >> but this didn't help. Also I noticed they all have ACK bit set. >> >> Thank you. SU> What is the date of your build (uname -a). There was a commit SU> recently to fix fragmented packets w/ hardware checksums SU> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/contrib/pf/net/pf_norm.c.diff?r1=1.11.2.4;r2=1.11.2.5;only_with_tag=RELENG_6 The date of my cvsup and build is Wed Jul 11 21:38:14 MSD 2007 I've checked /usr/src/sys/contrib/pf/net/pf_norm.c and noted it is patched conform link you provided. -- mailto:adler@smtp.ru
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?16210282798.20070713130300>