RE: NetBios iptables trouble with small TCP packets

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Questions:

1. Are we to assume that large files (>256kb) transfer just fine? Or, is
there a problem with them too?

2. Which direction is the transfer?  NT -> W2K or W2K -> NT?

3. By transfer, do you really mean "copy" using File & Print sharing?  I'm
assuming this to be the case you say you are using NBT.

4.  Are these machines (both NT & W2K) members of a domain, and if so is it
the same domain?  What is the setup here.  This is necessary to know because
SMB must negotiate the means of authentication and then authenticate before
any transfer can take place.

5.  What rules do you have in place that you feel should permit the SMB
packets to pass through the firewall?

6.  What does the "Windump" output on the sending machine show for the
packets generated during the "hang period" when run as "windump -n -vv -xX
-i2"?



-----Original Message-----
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx
[mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of sp3 sp3
Sent: Friday, January 02, 2004 6:54 PM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: NetBios iptables trouble with small TCP packets

I,

I have two networks connected with a linux firewall/router that is running
RH8 and a firewall script.
I'm having a problem with the transfer of small files (<256kb) using NetBios
over TCP/IP between a NT4 machine and a win2k machine.
The fw is doing source nat.
The problem is that when i transfer a small file, the win2k machine seams to
hang for a moment ( 10 seconds ) and displays an error.
I have searched the MS site for the error and i have found that it's related
to a time out.

I have searched the logs, and nothing unusual is reported.
I have checked the firewall logs also, and no drop packet is found ( i log
all "can't happened" rules ).

I have tried many things, like:
- checking the MTU of the interfaces
- cheching the mss value using ifconfig
- each NIC uses a separate IRQ

The problem is on the fw/router machine 'im shure. I know it, because a have
tried to put the same machines on the same LAN and there is no problem.

Does any one have any sugestion for this stange problem?

Best regards,
Sp3

_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux