Date: Fri, 10 Jun 2005 15:24:09 +0800 From: "STST" <deepcracksg@yahoo.com.sg> To: <freebsd-questions@freebsd.org> Subject: Dropped fragment GRE Message-ID: <010501c56d8d$7168b130$36764b0a@hq.ida.gov.sg>
next in thread | raw e-mail | index | archive | help
Hi all, I am currently running ipfw from FreeBSD-5.3-RELEASE on my box. The box = passes GRE packets from the external to the internal network. We run = Microsoft RDP over PPTP through the firewall. After upgrading to FreeBSD = 5.3, we realised that the RDP connections never get initiated. When I = did a tcpdump on the internal and external interfaces of the FW, I = realised that there were fragmented GRE packets arriving at the FW, but = however, these packets do not leave the FW. I also observed the SEQ no. = in the GRE packets ingress/egress, and there were missing GRE packets on = the egress. My deduction was that ipfw was dropping these fragmented GRE packets, = but however, these events were shown on syslog. How do I make ipfw log = dropped/silently rejected packets? How to I prevent ipfw from dropping = these packets? Appreciate all help given, Thank you. J.W.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?010501c56d8d$7168b130$36764b0a>