On Monday 2010-06-14 18:15, Patrick McHardy wrote: > Fischer, Anna wrote: >> I am trying to track (and NAT) a TCP connection to a Windows Vista machine >> using ip_conntrack. However, Vista uses the Nagle algorithm combined with the >> TCP Delayed ACK mechanism which does not ACK every single packet, and it seems >> as if the connection tracking module has problems with this. Basically it >> fails to recognize Delayed ACK packets, and as these are not picked up by the >> connection tracking module, my NAT function does not work and so packets are >> not delivered properly because they are not rewritten by ip_nat. I am certain >> that the problem is the Vista TCP stack and its mechanisms as when I configure >> my Windows Vista machine with Nagle = off and TCPNODelay = 1, then actually >> connection tracking works fine. Also, all connections with Linux machines are >> tracked properly. >> >> Is this a known issue? > > You're mentioning ip_conntrack, which is obsoleted for multiple > years now. Which kernel version are you using? By definition of ip_conntrack, that must be older than 2.6.20. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
