Date: Sat, 21 Nov 2009 20:25:17 +0100 From: olli hauer <ohauer@gmx.de> To: Victor Lyapunov <fullblaststorm@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: sending mail with attachments always fails (FreeBSD/pf) Message-ID: <4B083E9D.5070508@gmx.de> In-Reply-To: <6c51dbb10911211007x4ea07528y7642460629788903@mail.gmail.com> References: <6c51dbb10911210706g3490e463x7fdf3809243e30d2@mail.gmail.com> <4B082302.3040704@gmx.de> <6c51dbb10911211007x4ea07528y7642460629788903@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Victor Lyapunov wrote:
> Thanks for your answer, olli.
>
> As i send mail not from my freebsd server, but rather from the clients
> on the local network, so here's what i did:
>
> my pf.conf:
> set loginterface pflog0
> set block-policy drop
> set skip on lo0
> block drop log on em0 all
> pass log inet proto tcp from 192.168.0.0/24 to any port {smtp, pop3,
> imap, smtps, pop3s} flags S/SA keep state
> pass log proto udp from any to any port = domain keep state
>
>
> # tcpdump -net -i pflog0
> Now i went to a windows computer and tried to send an email with
> attachment to gmail.com (sending failed at 2%)
>
> here's what i got in my pflog:
>
> rule 4/0(match): pass in on em0: (tos 0x0, ttl 128, id 19860, offset
> 0, flags [DF], proto TCP (6), length 48) 192.168.0.5.1822 >
> 209.85.129.111.465: [|tcp]
> rule 4/0(match): pass out on em0: (tos 0x0, ttl 127, id 19860, offset
> 0, flags [DF], proto TCP (6), length 48) 192.168.0.5.1822 >
> 209.85.129.111.465: tcp 28 [bad hdr length 0 - too short, < 20]
why is the [DF] bit set?
can you try with the following pf option
scrub all no-df
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B083E9D.5070508>