ipfw fwd to closed port
Kristof Provost
kp at FreeBSD.org
Thu Jun 9 13:08:38 UTC 2016
On 9 Jun 2016, at 9:06, Slawa Olhovchenkov wrote:
> On Thu, Jun 09, 2016 at 03:00:17PM +0200, Kristof Provost wrote:
>
>> On 2016-06-09 02:02:40 (+0300), Slawa Olhovchenkov <slw at zxy.spb.ru> wrote:
>>> Forwarding by ipfw to closed local port generating RST packet with
>>> incorrect checksun. Is this know ussuse? Need open PR?
>>
>> Where did you capture the packet? If you've captured the packet on the
>> machine that generated it tcpdump may indeed claim that the checksum is
>> wrong, because it's computed by the hardware (so after tcpdump captured
>> it).
>
> On the tun0 (destination of RST packet routed to tun0).
> tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
> options=80000<LINKSTATE>
> inet 192.168.4.1 --> 192.168.4.1 netmask 0xffffff00
> inet6 fe80::240:63ff:fedc:ac9e%tun0 prefixlen 64 scopeid 0x9
> nd6 options=21<PERFORMNUD,AUTO\_LINKLOCAL>
> Opened by PID 1345
>
> tun0 don't computed checksum.
I’m not sure I understand what you’re trying to say.
In any case: either capture the packet outside the machine, or confirm
that the checksum is wrong by watching the relevant netstat counters.
Regards,
Kristof
More information about the freebsd-net
mailing list