OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: Kernel-level pppoe

From: David Walker (davidianwalkergmail.com)
Date: Tue Aug 24 2010 - 14:42:00 CDT


> Yeah that was my thread.

Yeah hi Andre, I noticed that after I hit send.

When your PPP drops out and comes back up have you tried killing and
restarting PF?
It might be a problem with PPP and unrelated to your pf.conf ...

Are you able to post your pf.conf?

> How can I check if scrubbing works f.e. with tcpdump?

I'm guessing you either do it manually (use tcpdump on an interface)
or use pflog output and in either case figure out exactly what your
scrubbing does (MSS, DF, etcetera) and how to evaluate it by looking
at packets.

How about having a simple ruleset, pull the plug on PPP and see what
happens. Reintroduce your MSS and try it again. Add DF and reassemble
or whatever incrementally.
Once they work, start adding your rules back in.
Of course make sure this triggers the problem with your current
ruleset before you get started.

Best wishes.