From owner-freebsd-stable@FreeBSD.ORG  Fri Jul 13 09:03:09 2007
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 2F59016A403
	for <freebsd-stable@freebsd.org>; Fri, 13 Jul 2007 09:03:09 +0000 (UTC)
	(envelope-from adler@smtp.ru)
Received: from smtp1.pochta.ru (smtp1.pochta.ru [81.211.64.6])
	by mx1.freebsd.org (Postfix) with ESMTP id DD84F13C48D
	for <freebsd-stable@freebsd.org>; Fri, 13 Jul 2007 09:03:08 +0000 (UTC)
	(envelope-from adler@smtp.ru)
Received: from [195.2.76.131] (helo=suntechnic.mshome.net)
	by smtp.pochta.ru ( sendmail 8.13.3/8.13.1) with esmtpa id
	1I9H3J-000BLD-HT; Fri, 13 Jul 2007 13:03:05 +0400
Date: Fri, 13 Jul 2007 13:03:00 +0400
From: Alexey Sopov <adler@smtp.ru>
X-Mailer: The Bat! (v3.5) Professional
X-Priority: 3 (Normal)
Message-ID: <16210282798.20070713130300@smtp.ru>
To: "Scott Ullrich" <sullrich@gmail.com>
In-Reply-To: <d5992baf0707120856n31c0480aw6209be33820e3e30@mail.gmail.com>
References: <241432407.20070712131014@smtp.ru>
	<d5992baf0707120856n31c0480aw6209be33820e3e30@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: freebsd-stable@freebsd.org
Subject: Re[2]: Seems like pf skips some packets.
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: adler <adler@smtp.ru>
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Jul 2007 09:03:09 -0000

>> Why these packets weren't translated by pf nat rules or filtered by pf
>> block rule?
>>
>> Note they appear once in five seconds. Tried to modify frag parameter,
>> but this didn't help. Also I noticed they all have ACK bit set.
>>
>> Thank you.

SU> What is the date of your build (uname -a).   There was a commit
SU> recently to fix fragmented packets w/ hardware checksums
SU> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/contrib/pf/net/pf_norm.c.diff?r1=1.11.2.4;r2=1.11.2.5;only_with_tag=RELENG_6


The date of my cvsup and build is Wed Jul 11 21:38:14 MSD 2007
I've checked /usr/src/sys/contrib/pf/net/pf_norm.c and noted it is
patched conform link you provided.



-- 
                           mailto:adler@smtp.ru