Re: ICMP checksum error through NAT ?

This is a discussion on Re: ICMP checksum error through NAT ? within the IPFilter forums, part of the System Security and Security Related category; At 18:59 Uhr -0400 26.8.2007, Chris Ross wrote: [...] > It looks like it's converting the "...


Go Back   Usenet Forums > System Security and Security Related > IPFilter

Reload this Page Re: ICMP checksum error through NAT ?

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 08-27-2007
Hauke Fath
 
Posts: n/a
Default Re: ICMP checksum error through NAT ?
At 18:59 Uhr -0400 26.8.2007, Chris Ross wrote:

[...]

> It looks like it's converting the "port unreachable" to send it
>back, but tcpdump is complaining that the icmp cksum is wrong for the
>packet that the NAT'ing software has generated. Is this a real bug
>in that code, or is something going wrong somewhere and I'm just
>misinterpreting the output of tcpdump?

Let me guess: You have hardware checksumming enabled on the related network
interfaces? Since tcpdump sees outgoing packets before the checksum is
generated, it gets confused. Ignore, or switch off hardware checksum
generation while testing.

HTH,
hauke


--
"It's never straight up and down" (DEVO)


Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 03:57 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0