On Mon, 2013-08-19 at 15:49 +0200, Christoph Paasch wrote: > > It's a TCP-patch, that interprets duplicate-acks with invalid SACK-blocks as > duplicate acks in tcp_sock->sacked_out. Yeah, but here, this is conntrack who is blocking the thing. TCP receiver has no chance to 'fix' it. See conntrack is one of those buggy middle box as well. So if you want to properly handle this mess, you'll also have to fix conntrack. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
