Go Back   DaemonForums > Miscellaneous > Guides

Guides All Guides and HOWTO's.

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 29th December 2009
J65nko J65nko is offline
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,503
Default Why tcpdump sometimes drops packets, mangles DNS and shows bad checksums

From http://archive.netbsd.se/?ml=openbsd...-12&m=12145822
BPF is implemented as a ring buffer if it overflows it will drop packets.
That's why tcpdump is printing the statistics at the end:
4 packets received by filter
0 packets dropped by kernel

If you tcpdump with a snapsize of 2000 as shown above you will run out of
the default bpf bufsize very quickly since the default is 32k and I guess
you cranked up your tcp buffers to much bigger numbers so that bpf has no
chance to queue the incomming packets, call userland and be done with them
before the 32k buffer overflows. You may want to look into sysctl
For more info about BPF, the Berkely Packet Filter, which is used by tcpdump, see http://en.wikipedia.org/wiki/Berkeley_Packet_Filter
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
FreeBSD FreeNAS drops FreeBSD in favor of Debian vermaden News 34 22nd December 2009 11:00 PM
Adobe drops most flash player licensing fees drhowarddrfine Off-Topic 7 18th October 2008 04:43 PM
i would like to know about tcpdump chamnanpol FreeBSD General 8 17th September 2008 11:00 AM
Redirecting ESP packets ales OpenBSD Security 2 15th June 2008 09:13 PM
IPF: Packets Out Of Window bram85 FreeBSD Security 9 2nd June 2008 04:09 PM

All times are GMT. The time now is 11:53 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick