TCP window tracking has bad side effects
Phil Oester
kernel at linuxace.com
Thu Dec 2 01:54:54 CET 2004
On Wed, Dec 01, 2004 at 01:16:31PM +0100, Jozsef Kadlecsik wrote:
> Yes, you can disable it anytime:
>
> echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal
>
> But a full tcpdump from such a session and the log entries on the
> invalid packets would be useful for us to recheck the code.
This sounds remarkably similar to bugzilla #258, where a TCP
session which works in 2.6.8.1 fails in 2.6.9:
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=258
Attached to the report is a binary tcpdump. I've replayed it
and tried a few things but can't figure out what the problem
is.
Disabling window tracking did nothing -- were there any other
interesting changes in 2.6.9 series?
Phil
More information about the netfilter-devel
mailing list