plagued by bad hdr length

Reinhold freebsd at violetlan.net
Wed May 7 22:59:31 UTC 2008 

Hi

I'm getting loads of bad hdr length from pf on our router running freebsd 7.0

I've tried just about everything I could find with google.

Lowering the mtu on my ng devices from 1492 all the way to 1485, anything
lower then that and we can't ssh out of our network and I get loads of
time outs every where.

I've tried also pretty much every possible solution with the scrub rules
in pf, I even disabled it a few times.

I honestly don't know what to try next.

tcpdump -n -e -tttt -i pflog0
2008-05-07 23:42:06.596965 rule 78/0(match): pass in on ng0:
89.240.55.163.3164 > 192.168.1.5.80:  tcp 20 [bad hdr length 8 - too
short, < 20]
2008-05-07 23:42:07.051043 rule 78/0(match): pass in on ng0:
89.240.55.163.3165 > 192.168.1.5.80:  tcp 20 [bad hdr length 8 - too
short, < 20]
2008-05-07 23:42:25.697087 rule 76/0(match): pass in on ng0:
80.81.242.13.51145 > 192.168.1.5.22:  tcp 36 [bad hdr length 8 - too
short, < 20]
2008-05-07 23:42:30.561467 rule 77/0(match): pass in on ng1:
80.81.242.14.63900 > 192.168.1.5.22:  tcp 36 [bad hdr length 8 - too
short, < 20]

And here are the same log again
tcpdump -n -e -tttt -r /var/log/pflog
2008-05-07 23:42:06.596965 rule 78/0(match): pass in on ng0:
89.240.55.163.3164 > 192.168.1.5.80: S 3008361134:3008361134(0) win 16384
<mss 1360,nop,nop,sackOK>
2008-05-07 23:42:07.051043 rule 78/0(match): pass in on ng0:
89.240.55.163.3165 > 192.168.1.5.80: S 1482992447:1482992447(0) win 16384
<mss 1360,nop,nop,sackOK>
2008-05-07 23:42:25.697087 rule 76/0(match): pass in on ng0:
80.81.242.13.51145 > 192.168.1.5.22: S 555277666:555277666(0) win 65535
<mss 1460,nop,wscale 1,nop,nop,timestamp[|tcp]>
2008-05-07 23:42:30.561467 rule 77/0(match): pass in on ng1:
80.81.242.14.63900 > 192.168.1.5.22: S 966982942:966982942(0) win 65535
<mss 1460,nop,wscale 1,nop,nop,timestamp[|tcp]>

Here is my ifconfig
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0
mtu 1492
        inet wan1-ip --> wan1-gw netmask 0xffffffff
ng1: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0
mtu 1492
        inet wan2-ip --> wan2-gw netmask 0xffffffff

Anyone out there that can lend me a hand with fixing this?

Thanks
Reinhold

More information about the freebsd-questions mailing list