Re: rsh is malfunctioning due to pf
From: Daniel Hartmeier (daniel_at_benzedrine.cx)
Date: 11/27/04
- Previous message: Tomasz Konefal: "Odd routing issue"
- In reply to: Andrew Degtiariov: "rsh is malfunctioning due to pf"
- Next in thread: Andrew Degtiariov: "Re: rsh is malfunctioning due to pf"
- Reply: Andrew Degtiariov: "Re: rsh is malfunctioning due to pf"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 27 Nov 2004 13:01:49 +0100 To: freebsd-net@freebsd.org, freebsd-current@freebsd.org
On Fri, Nov 26, 2004 at 10:33:54PM +0200, Andrew Degtiariov wrote:
> I have ipcad installed on 2 PC's running 5.3-RELEASE and 5-STABLE from
> Nov 21. ipcad (ports/net-mgmt/ipcad) provides ability to control them
> by rsh (ipcad implement rsh server by yourself). While using pf with
> primitive rulesets rsh stops its working. It seems like pf drop short
> packets.
The 'short' reason is a little overloaded, it can have two meanings.
The less likely case is where the mbuf didn't contain a complete IP
header. More likely, the packet contains IP options, which pf blocks by
default. You can isolate the problem by
a) enabling debug logging with pfctl -xm and watching the console
or /var/log/messages for messages from 'pf: '
b) dumping an entire packet that is being blocked, with
tcpdump -s 1600 -nvvvetttSXi pflog0
c) adding 'allow-opts' to all your pass rules and see if the problem
goes away
Daniel
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Tomasz Konefal: "Odd routing issue"
- In reply to: Andrew Degtiariov: "rsh is malfunctioning due to pf"
- Next in thread: Andrew Degtiariov: "Re: rsh is malfunctioning due to pf"
- Reply: Andrew Degtiariov: "Re: rsh is malfunctioning due to pf"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
