ipfilter seems to be broken on 7.2-PRERELEASE as of April 25:th
2009.
Jason Chambers
jchambers at ucla.edu
Mon May 11 20:08:14 UTC 2009
Jonas Bülow wrote:
>
> After reboot it was not reachable from the network. After some
> troubleshooting I found that ipfilter seems to be the problem. Returning
> traffic originating from my host (XXX) is blocked:
>
(... snip ...)
>
> Anyone seen this behaviour?
>
Yes. This appears to have made it to the RELEASE as well.
I believe it is due to updates to the FXP driver that allow checksumming
for tx/rx. My guess is checksumming is enabled by default and you (and
I) happen to have the cards recognized by FXP that do not support it.
(The BAD in the ipf log represents bad checksum)
If you do "ifconfig fxp0 -txcsum -rxcsum" your problem should go away.
For /etc/rc.conf, just add -txcsum -rxcsum to the interface definition.
Regards,
--Jason
More information about the freebsd-stable
mailing list