Fischer, Anna wrote:
I am trying to track (and NAT) a TCP connection to a Windows Vista machine using ip_conntrack. However, Vista uses the Nagle algorithm combined with the TCP Delayed ACK mechanism which does not ACK every single packet, and it seems as if the connection tracking module has problems with this. Basically it fails to recognize Delayed ACK packets, and as these are not picked up by the connection tracking module, my NAT function does not work and so packets are not delivered properly because they are not rewritten by ip_nat. I am certain that the problem is the Vista TCP stack and its mechanisms as when I configure my Windows Vista machine with Nagle = off and TCPNODelay = 1, then actually connection tracking works fine. Also, all connections with Linux machines are tracked properly. Is this a known issue?
You're mentioning ip_conntrack, which is obsoleted for multiple years now. Which kernel version are you using? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html