[ previous ] [ next ] [ threads ]
 From:  "Molle Bestefich" <molle dot bestefich at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] problem when using VLANs and NAT
 Date:  Tue, 13 Jun 2006 05:48:48 +0200
Craig FALCONER wrote:
> Dude - Chris said quite rightly that the firewall software is not even
> seeing the data

Dude, Chris also launched a psychopathic flame against my person,
apparently because of a single comment that might have been slightly
arrogant.  He might enjoy great respect around here, but that doesn't
mean that it's OK for him to go on a killer rampage every time he runs
out of real arguments :-P.  (Yeah, I admit I've started a couple of
arguments - sorry, I'm new, trying to learn.)  It's not right to go
attacking people on loose grounds just because you happen to have an
army backing you up.

That was what that particular posting was about.  It didn't "just" say
something about an OS/filter boundary...

(And I still feel that it's very inappropriate for a firewall to drop
packets without telling the user, by the way.  Especially after having
spent days troubleshooting one of those issues.)

> because the OS is dropping your bad-checksum packets.
> Frankly its nothing to do with m0n0wall.

I think it has everything to do with m0n0wall.
M0n0wall is not ipfilter, m0n0wall is a firewall distro.
Being a distro, that includes the kernel.

I'm not saying that it's easily fixed, and I'm definitely not
demanding that anyone here do it.

I'm just saying that in an optimal scenario, a log entry would be made.
Apologies if I come off sounding demanding.

> I'm still curious to know exactly what is generating this rather dodgy
> quality traffic.

Explained earlier in the thread, take a look.
Feel free to ask for clarification if needed.