FreeBSD Mail Archives

Date:      Tue, 25 Oct 2005 23:21:15 +0400
From:      Anton Nikiforov <anton@nikiforov.ru>
To:        stable@FreeBSD.org
Cc:        current@freebsd.org
Subject:   pf and short packets
Message-ID:  <435E85AB.3070701@nikiforov.ru>

next in thread | raw e-mail | index | archive | help


[-- Attachment #1 --]
Dear ALL!
Maybe someone can help me with my problem? I have no adea what is 
happening with my packets :(

I have 5.4-RELEASE-p8 FreeBSD 5.4-RELEASE-p8 box running pf.
And i have ipcad daemon running (installed from ports)

pf.conf says
pass quick on lo0 all

and when i'm trying to rsh to ipcad that is listening on
anna# netstat -a|grep shell
tcp4       0      0  localhost.shell *.*                    LISTEN

anna# rsh -l root localhost show ip accounting
i got no replay, but pflog says the following:
anna#  tcpdump -n -e -ttt -x -i pflog0 host 127.0.0.1
000034 rule 0/3(short): pass out on lo0: IP 127.0.0.1.514 > 
127.0.0.1.643: . ack 30 win 65535
         0x0000:  4600 002c 6605 4000 0306 11c5 7f00 0001  F..,f.@.........
         0x0010:  7f00 0001 0100 0000 0202 0283 8129 5dab  .............)].
         0x0020:  5db7 f2f2 5010 ffff 7dce 0000            ]...P...}...
000034 rule 0/3(short): pass out on lo0: IP 127.0.0.1.514 > 
127.0.0.1.643: . ack 30 win 65535
         0x0000:  4600 002c d21d 4000 0306 a5ac 7f00 0001  F..,..@.........
         0x0010:  7f00 0001 0100 0000 0202 0283 8129 5dab  .............)].
         0x0020:  5db7 f2f2 5010 ffff 7dce 0000            ]...P...}...

The rule for this packet is not a "log" one, but the sign (short) is 
what i cannot understand. The only place i have found this word is in 
man pflogd (reason why this packet appers in this log)
When i'm disabling pf by pfctl -d everything works just fine and i can 
get my ip accounting.

Best regards,
Anton Nikiforov



[-- Attachment #2 --]
0�	*�H��
��0�10	+0�	*�H��
��(0��0�J��c0
	*�H��
0b10	UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA0
050416110311Z
060416110311Z0D10UThawte Freemail Member1!0	*�H��
	anton@nikiforov.ru0�"0
	*�H��
�0�
�����A�\l�2�[�����t��	P[	������
��*�_|.��!�bc�T�CG�S��k5�������bCq���J��<�ڵK2�Eoծ�6 �Vㅂ��Å9�k��npnj���"
���LE����3�!�^�_�3�̂U���\Y[�fظ�t�RW�,׵��u�.둣P�:��6J��>���Q�,�L������s5����-浪�'Ŗ�d��zr�����8^���sj,&�^?�?0=0U��0U0�anton@nikiforov.ru0U�00
	*�H��
���M��"��-�;rE��z�[/�d/�_*d�#���\�k����
��k�rt}:c��i�K����N?ʉ�f9+�%R�2Y�q�ص�[��K���:\4<'`K�Vޗ����|�"�Hb�0�?0���
0
	*�H��
0��10	UZA10UWestern Cape10U	Cape Town10U
Thawte Consulting1(0&UCertification Services Division1$0"UThawte Personal Freemail CA1+0)	*�H��
	personal-freemail@thawte.com0
030717000000Z
130716235959Z0b10	UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA0��0
	*�H��
��0����Ħ<UsU�N�ʙZh�up��������[�v�:a�Q���P
0�cZ,�p����+�Z�?qV˯<���6$*�+��w=�+��>�@�dק���e��*T�H���<a@dr`�����0��0U�0�0CU<0:08�6�4�2http://crl.thawte.com/ThawtePersonalFreemailCA.crl0U0)U"0 �010UPrivateLabel2-1380
	*�H��
��H��P��.�
�f�g�����C���L!��6�-�6/��P �p<���ab��:~�����t�%P�b��'qW%�ݩ�9�� Oe_�������N���4�[5Mw�V!x��!5�$��F�]_eO1�D0�@0i0b10	UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA�c0	+���0	*�H��
	1	*�H��
0	*�H��
	1
051025192115Z0#	*�H��
	1�Ѹȵ�c��[�Ӝ��9�0R	*�H��
	1E0C0
*�H��
0*�H��
�0
*�H��
@0+0
*�H��
(0
	*�H��
��\:46�"�B�˿�0�.uuU���i� qlw�{+$�K���;]c�Ӧ�	V~p%�0�t�;[��)F�;_�,��{j7F���Y�};����CG�C-�8�8����4Ԑ��2u3�l��9!Ѫ�)VY;������I�-�u�
��y`���T���ܺ.Ӯh��rT[��$ϩ�3�?��J���l���-vZ��YT�����aC?�����0x�o��1OZx�5AΒ�hf���
4_�l`$��b

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?435E85AB.3070701>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation