Most recent kernel where this bug did not occur: - Distribution: Gentoo Hardware Environment: IBM Thinkpad T41 Software Environment: Gentoo stable Linux + KDE 3.5.5 Problem Description: I use at home an DSL connection. I attached 2 pcap files with the communication of the KDE program kscd with the CDDB server freedb.org, sniffed from ppp0 and eth0. The sniffed network stream over the ppp0 interface looks fine whereas the sniffed packets from the eth0 often looks bad :-( I don't undestand why the ppp0 stream is ok, whereas the eth0 stream has the malformed package #11. Any explanation are appreciated. And I'm really confused about the fact, that within a LAN I did not have a malformed packet as seen in the 3rd attachment. I discussed it a little bit here http://www.wireshark.org/lists/wireshark-users/200707/msg00187.html w/o success :-( BTW I tested it with the latest git sources, too, the issue is the same.
Created attachment 12100 [details] DSL / ppp0 the DSL stream from ppp0
Created attachment 12101 [details] DSL / eth0 similar http request captured from eth0
Created attachment 12102 [details] LAN / eth0 similar http request captured from eth0 within LAN
Created attachment 12207 [details] keyserver response for my own key at LAN Another example, this HKP stream looks good at LAN sniffed from eth0
Created attachment 12208 [details] keyserver response for my own key at eth0 from DSL This stream is not ok.
Comment on attachment 12207 [details] keyserver response for my own key at LAN problem with gpg keys went away after using kernel 2.6.22 and key server subkeys.pgp.net
Comment on attachment 12208 [details] keyserver response for my own key at eth0 from DSL problem with gpg keys went away after using kernel 2.6.22 and key server subkeys.pgp.net
BTW for the sniffed hkp stream KDE provided a patch : http://bugs.kde.org/show_bug.cgi?id=142069#c3
I suggest mailing netdev@vger.kernel.org about this might be more productive.
If the ethernet device supports checksum offloading, the checksum is not set on sniffed packet. Does the problem go away if you turn rx/tx checksumming off with ethtool?
Created attachment 12711 [details] pppoe patch >Does the problem go away if you turn rx/tx checksumming off with ethtool? No, but the problem went away with a patch series from Herbert Xu (I attach the summary diff after I applied all of his patches to my 2.6.22 Gentoo tree). Herbert Xu wrote (at 31.08.2007): "If he were using the kernel pppoe driver, then this is because PPP filtering is writing over a cloned skb without copying it. In fact, there seems to be quite a few bugs of this kind in the various ppp*.c files. Please try the following patches to see if they make a difference. I've audited ppp_generic.c and pppoe.c. I'll do pppol2tp tomorrow." I'll close this bug although there are 1 or 2 remaining questions at my side related to the firewall behaviour - but that's probably a different story.