Problem downloading large files from Apache from far
curby.public at gmail.com
Thu Jul 28 07:04:02 CEST 2005
On 7/26/05, Andrew <andrewna at mymcsb.com> wrote:
> But the question is, why are subsequent packets coming from the remote
> machine being identified as INVALID? Will allowing INVALID packets cause
> other problems?
Allowing INVALID is generally unnecessary, and can let certain port
scans through undetected.
> The Linux machine is actually behind another Cisco PIX firewall. Could the
> hardware firewall be translating the packets wrongly? Any ideas?
Can you try with a machine between the firewalls? That would simulate
a web request but bypass PIX.
Running a tcpdump might also give useful information.
More information about the netfilter