[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: tcp bad checksum on reply-to packets
On Thu, Mar 27, 2003 at 02:31:00PM -0500, David Powers wrote:
[ I was experimenting with a recent build of -current (3/25/2003) ...
a tcpdump -vv on both ends showed ...
do I just have a bad build of current? ]
this might not be wholly relavant, but i was in a similar boat recently,
experimenting with a -current.
my difficulty was showing up differently; i had a rule, say :
block out log on $ext_if from any to 126.96.36.199
the tcpdump would then show something like:
block in - ($ext_if's IP) > 188.8.131.52
when i pinged it.
pardon me for not having a copy/paste handy ... it was misreporting the
rule( saying it was 'out' for when pf.conf was 'in', or vice versa )'s
direction and i think also the SRC -> DST part of the tcpdump output was
i was trying to figure out what was up, and considered posting up here
to the group, but as the system was at that point running on a frankenversion
somewhere between 3.2-patch and -current, due to a make build that bombed
after making it quite far along, i figured to post up *any* question about
this would be like shooting myself in the face, seeing as how the system
was running on a non-cleanly-exited make build.
i went in and did a make install on tcpdump, outta /usr/src/whatever, and
that fixed 1/2 of the problem, the 'in' / 'out' was now reported
correctly, but then something else was wrong... don't remember what it was
but it was either something i hadn't noticed before or "correcter" tcpdump
output was letting me see..
anyway, after i finally got a make build to fly from start to finish with
a clean exit, the output of tcpdump has been utterly sane and in agreement
with pf.conf.... so, yeah; i could buy the bad build of current angle,
especially if it hit any relavant hiccups.