6.3-RC1: IPFILTER (ipf) firewall not working?

Pyun YongHyeon pyunyh at gmail.com
Thu Dec 6 03:45:14 PST 2007


On Thu, Dec 06, 2007 at 12:39:20PM +0200, Lasse Holmberg wrote:
 > Hej,
 > 
 > I can't get ipf working with 6.3-RC1, ipmon just keeps logging:
 > 
 > Dec  6 11:50:19 riks ipmon[506]: 11:50:18.378898 hme0 @0:3 b 172.16.0.2,1475 -> 172.16.0.3,22 PR tcp len 20 60 -S IN bad
 > Dec  6 11:50:25 riks ipmon[506]: 11:50:24.378765 hme0 @0:3 b 172.16.0.2,1475 -> 172.16.0.3,22 PR tcp len 20 60 -S IN bad
 > Dec  6 11:50:37 riks ipmon[506]: 11:50:36.378748 hme0 @0:3 b 172.16.0.2,1475 -> 172.16.0.3,22 PR tcp len 20 60 -S IN bad
 > Dec  6 11:51:01 riks ipmon[506]: 11:51:00.378835 hme0 @0:3 b 172.16.0.2,1475 -> 172.16.0.3,22 PR tcp len 20 60 -S IN bad
 > 

Try disabling checksum offload capability of hme(4).
#ifconfig hme0 -txcsum -rxcsum

I vaguely guess there is a bug in ipf as pf(4) works without problems.
-- 
Regards,
Pyun YongHyeon


More information about the freebsd-sparc64 mailing list