[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: tcp bad checksum on reply-to packets



On Thu, Mar 27, 2003 at 02:31:00PM -0500, David Powers wrote:
[ I was experimenting with a recent build of -current (3/25/2003)  ...
  a tcpdump -vv on both ends showed  ...
  do I just have a bad build of current? ]
  this might not be wholly relavant, but i was in a similar boat recently,
  experimenting with a -current.
  my difficulty was showing up differently;  i had a rule, say : 
block out log on $ext_if from any to 216.239.35.101 
  the tcpdump would then show something like: 
block in - ($ext_if's IP) > 216.239.35.101
  when i pinged it.
  pardon me for not having a copy/paste handy ... it was misreporting the
  rule( saying it was 'out' for when pf.conf was 'in', or vice versa )'s
  direction and i think also the SRC -> DST part of the tcpdump output was
  flipped...
  i was trying to figure out what was up, and considered posting up here
  to the group, but as the system was at that point running on a frankenversion
  somewhere between 3.2-patch and -current, due to a make build that bombed 
  after making it quite far along, i figured to post up *any* question about
  this would be like shooting myself in the face, seeing as how the system
  was running on a non-cleanly-exited make build.  
  <g>
  i went in and did a make install on tcpdump, outta /usr/src/whatever, and
  that fixed 1/2 of the problem, the 'in' / 'out' was now reported 
  correctly, but then something else was wrong...  don't remember what it was
  but it was either something i hadn't noticed before or "correcter" tcpdump
  output was letting me see..
  anyway, after i finally got a make build to fly from start to finish with
  a clean exit, the output of tcpdump has been utterly sane and in agreement
  with pf.conf.... so, yeah; i could buy the bad build of current angle, 
  especially if it hit any relavant hiccups.
  jared.