On Thu, 13 Nov 2008 12:22:00 +0100
Pascal Hambourg <pascal.mail@xxxxxxxxxxxxxxx> wrote:

> TheOldFellow wrote:
> >
> > 10:45:28.932756 IP (tos 0x0, ttl 53, id 25304, offset 0, flags [none], proto TCP (6), length 44)
> > 192.150.18.101.80 > 192.168.1.2.2901: tcp 24 [bad hdr length 0 - too short, < 20]
> [...]
> > Allowing all input doesn't change a thing.
>
> I thought so. The TCP header of the first reply packet from the server
> seems to be malformed, so even though iptables accepted it, the TCP
> stack would discard it.
>
> The problem may lie in your router, your network interface card or its
> driver. Anyway it does not seem to be related to netfilter/iptables, as
> tcpdump sees the packet as malformed before it enters the netfilter
> code. Can you try with another router, machine, kernel or network
> interface?

Yes, but it will take time to arrange.

It's very strange that it only occurs on that range of IP addresses, which are also very similar to the 192.168.0.0/16 private address range. I wonder if this would improve if I changed the address range used on the ADSL router - firewall to, say, 172.20.1.0. If it's software/firmware in the router or NIC that might avoid it.

It's good to know that it isn't my netfilter, as I could not see the logic in it! Hardware/firmware seems much more probable.

Anyway, thanks for all your help, I'll report back when I find out more.

Regards,
R.
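
The header-length check behind the tcpdump line quoted above, as an added example that is not part of the original message or of tcpdump's code: it reads the TCP data-offset field from a raw IPv4 packet and rejects values below 20 bytes or beyond the segment. The function names and the sample packet are constructed for illustration; the sample reuses the addresses, ports, id and ttl from the capture, with sequence numbers, window and checksums made up (checksums are not verified here).

```python
import socket
import struct

def check_tcp_header(ip_packet: bytes) -> str:
    """Return 'ok', or the reason a receiver would drop the segment."""
    if len(ip_packet) < 20:
        return "truncated IPv4 header"
    ver_ihl, _tos, total_len, _id, _frag, _ttl, proto = struct.unpack(
        "!BBHHHBB", ip_packet[:10])
    if ver_ihl >> 4 != 4:
        return "not IPv4"
    ihl = (ver_ihl & 0x0F) * 4               # IPv4 header length in bytes
    if ihl < 20 or total_len < ihl or total_len > len(ip_packet):
        return "bad IPv4 header or total length"
    if proto != socket.IPPROTO_TCP:
        return "not TCP"
    segment = ip_packet[ihl:total_len]       # TCP header plus payload
    if len(segment) < 20:
        return f"tcp {len(segment)} [segment shorter than a TCP header]"
    # Data offset: upper 4 bits of byte 12, counted in 32-bit words.
    hdr_len = (segment[12] >> 4) * 4
    if hdr_len < 20:
        return f"tcp {len(segment)} [bad hdr length {hdr_len} - too short, < 20]"
    if hdr_len > len(segment):
        return f"tcp {len(segment)} [bad hdr length {hdr_len} - exceeds segment]"
    return "ok"

def build_packet(data_offset_words: int) -> bytes:
    """Constructed sample: 20-byte IPv4 header + 24-byte SYN/ACK with MSS."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 44, 25304, 0, 53,
                     socket.IPPROTO_TCP, 0,
                     socket.inet_aton("192.150.18.101"),
                     socket.inet_aton("192.168.1.2"))
    tcp = struct.pack("!HHIIBBHHH", 80, 2901, 1, 1,
                      data_offset_words << 4, 0x12, 5840, 0, 0)
    tcp += struct.pack("!BBH", 2, 4, 1460)   # MSS option, 4 bytes
    return ip + tcp

if __name__ == "__main__":
    for words in (6, 0, 7):                  # valid, zeroed, too large
        print(words, "->", check_tcp_header(build_packet(words)))
```

A 24-byte segment with a correct header carries data offset 6; offset 0 reproduces the message in the capture.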