Crash with GRE und IPFW fwd
Julian Kornberger
juliank at tzi.de
Thu May 28 14:27:41 UTC 2015
Am 28.05.2015 um 16:07 schrieb Andrey V. Elsukov:
> Just noticed, you use ip_divert(4). gre(4) uses mbuf_tag to prevent
> infinity loop and stack exhausting. When packet goes through ip_divert,
> it loses this tag. You need to check your rules and avoid applying
> divert rules to GRE packets. Also you can use some netgraph based tcpmss
> implementation.
I only pass TCP SYN packets to divert.
This should not affect GRE packets?
ipfw add divert $tcpmssd_port tcp from any to not me setup
Thanks for your GRE module. I will give it a try.
--
Julian
More information about the freebsd-net
mailing list