Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.cs.su.oz.au!inferno.mpx.com.au!news.unimelb.edu.au!munnari.OZ.AU!news.Hawaii.Edu!news.caldera.com!enews.sgi.com!newshub1.home.com!news.home.com!newsfeed.direct.ca!news.he.net!dimensional.com!flatland.dimensional.com!not-for-mail From: mfuhr@dimensional.com (Michael Fuhr) Newsgroups: comp.unix.bsd.freebsd.misc Subject: PPP allows ICMP, drops TCP & UDP (not ipfw prob) Date: 12 Jul 1997 19:15:09 -0600 Organization: Dimensional Communications Lines: 45 Message-ID: <5q9a6t$5lv@flatland.dimensional.com> NNTP-Posting-Host: flatland.dimensional.com X-Newsreader: NN version 6.5.1 (NOV) Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:44326 FreeBSD 2.2-STABLE Kernel PPP (pppd 2.2.0) ipfw config: 00100 allow ip from any to any 65535 deny ip from any to any Scenarios: 1. ISP 1: PPP works like a champ. ICMP, TCP, and UDP traffic works fine. 2. ISP 2: Same PPP config -- only difference is phone # and password in chat file. * ICMP works fine -- can ping ISP and ISP can ping me; tcpdump run on both sides shows the ICMP echo request & reply packets. * TCP from ISP reaches me: tcpdump on my side shows the SYN segment arriving. * TCP from me to ISP fails: tcpdump on my side shows RST going back to ISP (nothing listening on that port); tcpdump at ISP never sees the RST, and ISP continues sending SYN segments. * UDP queries go unanswered: tcpdump on my side shows UDP packets going out, but tcpdump at ISP shows nothing. * "ipfw show" shows increases on the allow counter. Implicit deny counter remains 0. * ISP's other customers having no problems. The PPP connection to ISP 2 comes up and the routes are set correctly, as shown by the fact that I can ping them and receive the replies. But TCP and UDP get dropped somewhere between me and them, apparently not by my packet filters. The ISP's other customers have no problems (most probably running Win95, not FreeBSD). The identical config works fine with ISP 1. Any ideas? -- Michael Fuhr http://www.dimensional.com/~mfuhr/