TCP window tracking has bad side effects

Phil Oester kernel at
Thu Dec 2 01:54:54 CET 2004

On Wed, Dec 01, 2004 at 01:16:31PM +0100, Jozsef Kadlecsik wrote:
> Yes, you can disable it anytime:
> echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal
> But a full tcpdump from such a session and the log entries on the
> invalid packets would be useful for us to recheck the code.

This sounds remarkably similar to bugzilla #258, where a TCP
session which works in fails in 2.6.9:

Attached to the report is a binary tcpdump.  I've replayed it
and tried a few things but can't figure out what the problem

Disabling window tracking did nothing -- were there any other
interesting changes in 2.6.9 series?


More information about the netfilter-devel mailing list