Site Navigation

Date:      Tue, 25 Oct 2005 23:21:15 +0400
From:      Anton Nikiforov <anton@nikiforov.ru>
To:        stable@FreeBSD.org
Cc:        current@freebsd.org
Subject:   pf and short packets
Message-ID:  <435E85AB.3070701@nikiforov.ru>

---

next in thread | raw e-mail | index | archive | help

---

This is a cryptographically signed message in MIME format.

--------------ms000200040006020205040905
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

Dear ALL!
Maybe someone can help me with my problem? I have no adea what is 
happening with my packets :(

I have 5.4-RELEASE-p8 FreeBSD 5.4-RELEASE-p8 box running pf.
And i have ipcad daemon running (installed from ports)

pf.conf says
pass quick on lo0 all

and when i'm trying to rsh to ipcad that is listening on
anna# netstat -a|grep shell
tcp4       0      0  localhost.shell *.*                    LISTEN

anna# rsh -l root localhost show ip accounting
i got no replay, but pflog says the following:
anna#  tcpdump -n -e -ttt -x -i pflog0 host 127.0.0.1
000034 rule 0/3(short): pass out on lo0: IP 127.0.0.1.514 > 
127.0.0.1.643: . ack 30 win 65535
         0x0000:  4600 002c 6605 4000 0306 11c5 7f00 0001  F..,f.@.........
         0x0010:  7f00 0001 0100 0000 0202 0283 8129 5dab  .............)].
         0x0020:  5db7 f2f2 5010 ffff 7dce 0000            ]...P...}...
000034 rule 0/3(short): pass out on lo0: IP 127.0.0.1.514 > 
127.0.0.1.643: . ack 30 win 65535
         0x0000:  4600 002c d21d 4000 0306 a5ac 7f00 0001  F..,..@.........
         0x0010:  7f00 0001 0100 0000 0202 0283 8129 5dab  .............)].
         0x0020:  5db7 f2f2 5010 ffff 7dce 0000            ]...P...}...

The rule for this packet is not a "log" one, but the sign (short) is 
what i cannot understand. The only place i have found this word is in 
man pflogd (reason why this packet appers in this log)
When i'm disabling pf by pfctl -d everything works just fine and i can 
get my ip accounting.

Best regards,
Anton Nikiforov



--------------ms000200040006020205040905
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGKDCC
AuEwggJKoAMCAQICAw6AYzANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE
ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv
bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDUwNDE2MTEwMzExWhcNMDYwNDE2MTEwMzEx
WjBEMR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMSEwHwYJKoZIhvcNAQkBFhJh
bnRvbkBuaWtpZm9yb3YucnUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp45jI
HORB4RVcbIIDMttb19fW9gb9dIX4CVBbCZSPmX+gpsYUCswB/wcqnF98LoSTIYxiY/hUrENH
5lObA+oEazWWmZQR5MQIgZViQ3H7vJ1KpaQ8tR7atUsCMudFb9Wu4jYgvFbjhYLO0cOFOfhr
n99ucG5qpsXwriIbDYLT20xFvsbCk/zlMwPsIfxell+EM87MglUH5uym8LtcWVvfZgzYuNN0
1lJXF4Qs17X3y3XELuuRowdQGZQ6nNM2StTePuOL6J3piVERqhscLIpM9rjfH6nV8HM1+BW3
trgt5rWqzSfFlvxk6MF6cvz06xnE6Yw4FV63lrRzaiwm914/AgMBAAGjPzA9MA4GA1UdDwEB
/wQEAwIHgDAdBgNVHREEFjAUgRJhbnRvbkBuaWtpZm9yb3YucnUwDAYDVR0TAQH/BAIwADAN
BgkqhkiG9w0BAQQFAAOBgQASvk2h3CLH4S3NOw9yRfEdpHruWxov2mQvsV8qZKwjG8/661ze
FmsQhAS18+6hCgK84qNrCINydH06Y5jsAGmwS8r9m+xOPxDKiehmOSsOpSVShzIfWdRx5Ni1
uFvPwH9L6czsOlw0PAQnYEv0jVbel6SA5MUWHwJ8liIGxkhi3jCCAz8wggKooAMCAQICAQ0w
DQYJKoZIhvcNAQEFBQAwgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx
EjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNV
BAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQ
ZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxA
dGhhd3RlLmNvbTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3MTYyMzU5NTlaMGIxCzAJBgNVBAYT
AlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNU
aGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQTCBnzANBgkqhkiG9w0BAQEFAAOB
jQAwgYkCgYEAxKY8VXNV+065yplaHmjAdQRwnd/p/6Me7L3N9VvyGna9fww6YfK/Uc4B1OVQ
CjDXAmNaLIkVcI7dyfArhVqqP3FWy688Cwfn8R+RNiQqE88r1fOCdz0Dviv+uxg+B79AgAJk
16emu59l0cUqVIUPSAR/p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMBAf8ECDAG
AQH/AgEAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQ
ZXJzb25hbEZyZWVtYWlsQ0EuY3JsMAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgG
A1UEAxMRUHJpdmF0ZUxhYmVsMi0xMzgwDQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7MDaNm
rGcPf6+svsIXoUOWlJ1/TCG4+DYfqi2fNi/A9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUaC4J0
niVQlGLH2ydxVyWN3amcOY6MIE9lX5Xa9/eH1sYITq726jTlEBpbNU1341YheILcIRk13iSx
0x1G/11fZU8xggJEMIICQAIBATBpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUg
Q29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1h
aWwgSXNzdWluZyBDQQIDDoBjMAkGBSsOAwIaBQCggbEwGAYJKoZIhvcNAQkDMQsGCSqGSIb3
DQEHATAcBgkqhkiG9w0BCQUxDxcNMDUxMDI1MTkyMTE1WjAjBgkqhkiG9w0BCQQxFgQU852Z
0bjItZRjpKxbkNOc76nbOcgwUgYJKoZIhvcNAQkPMUUwQzAKBggqhkiG9w0DBzAOBggqhkiG
9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZI
hvcNAQEBBQAEggEA31wWOjQ2syKGQr7Lv9MwGQbdLnV1VaPkwWm5IHFsE3esAhR7KyTlS57E
wTtdY7PTpgOjCVZ+cCXwMPl0njtb9P0pRqg7X7cs9MIAexocajdG/oO7EFnMfTvrFwC18tpD
Rxr0Qxwt3DiGOPTFFZ4S+zTUkA736zJ1M3/0bPSvOSHRqukpVlk79pfBuMn4SbUTLfB1jArY
2nkaYMCw7lSVvKLcui4UAtOuaMCBclRbxc8kz6nPM70/u++jnJtKife9bBno0uMtdloXmYhZ
VPrX2/DvYUM/jLKunfsweBuvbwS72jEQT1p4pgA1QRfOks5oZr8bsrQKNF8HpmxgJP+LYgAA
AAAAAA==
--------------ms000200040006020205040905--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?435E85AB.3070701>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact