On Thu, 2004-07-08 at 17:37, David S. Miller wrote: > > This has now been confirmed with the packages.gentoo.org firewall! > > It's the netfilter patches added to the gentoo WOLK kernel running > on packages.gentoo.org > > Specifically, it's the tcp-window-tracking patch from netfilter's > patch-o-matic. There's some bug in there wrt. it's window scaling > support. > > I bet if the tcp-window-scaling diff is removed from the kernel running > there, the problem will totally go away. > > I note that it is using a very old version of the tcp-window-tracking > patch, the current version is 2.2 and probably fixes this bug. The > gentoo linux-2.4.20-wolk-4.14 kernel is using version 1.7 That bug was probably fixed May 21 2003 according to cvs history. "Patch updated: window scaling bug fixed, improved, etc. (JK)." It updates the version to 1.9 As reference, I'm using v2.2 with -bk from 040626 which does use wscale=7 and I don't see any problems connecting to/from machines with lower or equal wscale. I drop and log all packets tcp-window-tracking classifies as INVALID. -- /Martin
Attachment:
signature.asc
Description: This is a digitally signed message part
