On Wed, Aug 07, 2013 at 11:06:06AM -0700, Eric Dumazet wrote: > On Wed, 2013-08-07 at 19:42 +0200, Patrick McHardy wrote: > > > > > The SYNPROXY operates by marking the initial SYN from the client as UNTRACKED > > and directing it to the SYNPROXY target. The target responds with a SYN/ACK > > containing a cookie and encodes options such as window scaling factor, SACK > > perm etc. into the timestamp, if timestamps are used (similar to TCP). The > > window size is set to zero. The response is also sent as untracked packet. > > TCP timestamps are not really used, for various reasons ... > > Have you taken a look at > > <http://lists.freebsd.org/pipermail/freebsd-net/2013-July/035999.html> No, not yet, will have a look. Not sure what you mean by "TCP timestamps are not really used" though. I might be biased by usually only looking at Linux traffic, but I was under that impression that everyone is using TCP timestamps nowadays? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
