Dropped fragment GRE

STST deepcracksg at yahoo.com.sg
Fri Jun 10 07:24:13 GMT 2005

Hi all,

I am currently running ipfw from FreeBSD-5.3-RELEASE on my box. The box passes GRE packets from the external to the internal network. We run Microsoft RDP over PPTP through the firewall. After upgrading to FreeBSD 5.3, we realised that the RDP connections never get initiated. When I did a tcpdump on the internal and external interfaces of the FW, I realised that there were fragmented GRE packets arriving at the FW, but these packets do not leave the FW. I also observed the SEQ no. in the GRE packets ingress/egress, and there were missing GRE packets on the egress.

My deduction was that ipfw was dropping these fragmented GRE packets, but these events were shown on syslog. How do I make ipfw log dropped/silently rejected packets? How do I prevent ipfw from dropping these packets?

Appreciate all help given,

Thank you.


