From owner-freebsd-questions@FreeBSD.ORG  Thu May  8 07:49:08 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 6E071106567C
	for <freebsd-questions@freebsd.org>;
	Thu,  8 May 2008 07:49:08 +0000 (UTC)
	(envelope-from freebsd@violetlan.net)
Received: from mail.violetlan.net (host-80-81-242-11.violetlan.net
	[80.81.242.11]) by mx1.freebsd.org (Postfix) with ESMTP id EDDFA8FC1C
	for <freebsd-questions@freebsd.org>;
	Thu,  8 May 2008 07:49:07 +0000 (UTC)
	(envelope-from freebsd@violetlan.net)
Received: from mail.violetlan.net (localhost [127.0.0.1])
	by mail.violetlan.net (Postfix) with ESMTP id 258C311460;
	Thu,  8 May 2008 08:51:50 +0100 (BST)
Received: from www.violetlan.net (mbali.violetlan.net [10.0.100.150])
	by mail.violetlan.net (Postfix) with ESMTP id E70E01142B;
	Thu,  8 May 2008 08:51:49 +0100 (BST)
Received: from 217.41.34.61
	(SquirrelMail authenticated user freebsd@violetlan.net)
	by www.violetlan.net with HTTP; Thu, 8 May 2008 08:50:10 +0100 (BST)
Message-ID: <55450.217.41.34.61.1210233010.squirrel@www.violetlan.net>
In-Reply-To: <00cf01c8b099$77abc5d0$67035170$@com>
References: <3184.89.240.55.163.1210201232.squirrel@www.violetlan.net>
	<00cf01c8b099$77abc5d0$67035170$@com>
Date: Thu, 8 May 2008 08:50:10 +0100 (BST)
From: "Reinhold" <freebsd@violetlan.net>
To: "Ansar Mohammed" <ansarm@gmail.com>
User-Agent: SquirrelMail/1.5.1
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: ClamAV using ClamSMTP
Cc: freebsd-questions@freebsd.org
Subject: RE: plagued by bad hdr length
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 08 May 2008 07:49:08 -0000

Thanks for the reply

If tried that as well and it didn't help



On Thu, May 8, 2008 00:24, Ansar Mohammed wrote:
> Yes I had similar issues
>
>
> Try
> scrub on ng0 all reassemble tcp scrub on ng1 all reassemble tcp
>
>
>
>> -----Original Message-----
>> From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-
>> questions@freebsd.org] On Behalf Of Reinhold Sent: May 7, 2008 7:01 PM
>> To: freebsd-questions@freebsd.org
>> Subject: plagued by bad hdr length
>>
>>
>> Hi
>>
>>
>> I'm getting loads of bad hdr length from pf on our router running
>> freebsd 7.0
>>
>> I've tried just about everything I could find with google.
>>
>>
>> Lowering the mtu on my ng devices from 1492 all the way to 1485,
>> anything lower then that and we can't ssh out of our network and I get
>> loads of time outs every where.
>>
>> I've tried also pretty much every possible solution with the scrub
>> rules in pf, I even disabled it a few times.
>>
>> I honestly don't know what to try next.
>>
>>
>> tcpdump -n -e -tttt -i pflog0 2008-05-07 23:42:06.596965 rule
>> 78/0(match): pass in on ng0:
>> 89.240.55.163.3164 > 192.168.1.5.80:  tcp 20 [bad hdr length 8 - too
>> short, < 20] 2008-05-07 23:42:07.051043 rule 78/0(match): pass in on ng0:
>>  89.240.55.163.3165 > 192.168.1.5.80:  tcp 20 [bad hdr length 8 - too
>> short, < 20] 2008-05-07 23:42:25.697087 rule 76/0(match): pass in on ng0:
>>  80.81.242.13.51145 > 192.168.1.5.22:  tcp 36 [bad hdr length 8 - too
>> short, < 20] 2008-05-07 23:42:30.561467 rule 77/0(match): pass in on ng1:
>>  80.81.242.14.63900 > 192.168.1.5.22:  tcp 36 [bad hdr length 8 - too
>> short, < 20]
>>
>> And here are the same log again
>> tcpdump -n -e -tttt -r /var/log/pflog 2008-05-07 23:42:06.596965 rule
>> 78/0(match): pass in on ng0:
>> 89.240.55.163.3164 > 192.168.1.5.80: S 3008361134:3008361134(0) win
>> 16384
>> <mss 1360,nop,nop,sackOK>
>> 2008-05-07 23:42:07.051043 rule 78/0(match): pass in on ng0:
>> 89.240.55.163.3165 > 192.168.1.5.80: S 1482992447:1482992447(0) win
>> 16384
>> <mss 1360,nop,nop,sackOK>
>> 2008-05-07 23:42:25.697087 rule 76/0(match): pass in on ng0:
>> 80.81.242.13.51145 > 192.168.1.5.22: S 555277666:555277666(0) win 65535
>> <mss 1460,nop,wscale 1,nop,nop,timestamp[|tcp]>
>> 2008-05-07 23:42:30.561467 rule 77/0(match): pass in on ng1:
>> 80.81.242.14.63900 > 192.168.1.5.22: S 966982942:966982942(0) win 65535
>> <mss 1460,nop,wscale 1,nop,nop,timestamp[|tcp]>
>>
>>
>> Here is my ifconfig
>> ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric
>> 0
>> mtu 1492 inet wan1-ip --> wan1-gw netmask 0xffffffff ng1:
>> flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0
>> mtu 1492 inet wan2-ip --> wan2-gw netmask 0xffffffff
>>
>> Anyone out there that can lend me a hand with fixing this?
>>
>>
>> Thanks
>> Reinhold
>>
>>
>> _______________________________________________
>> freebsd-questions@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to "freebsd-questions-
>> unsubscribe@freebsd.org"
>
>