* weird blocked sync packets on win machines
@ 2004-11-11 14:50 Domenico Gargano
0 siblings, 0 replies; 2+ messages in thread
From: Domenico Gargano @ 2004-11-11 14:50 UTC (permalink / raw)
To: netfilter
Hi all,
strange things happen on my linuxbox, I've got a firewall box running fedora 2 with 5 net
adapters. All my private machines (192.168.30.) connect to internet and to my DMZ
through the linuxbox.
During the day usually happens that my firewall stop forwarding SYN packets, allowing
instead all other packets (ex. ACK) and all other protocols. This means that I cannot
establish only new connections (prevoiously opened ones just work fine).
All my eth stop forwarding for 15 minutes, all the new traffic is totally blocked (from/to
LAN, DMZ, INTERNET).
The really weird thing is that this happen only on windows machines, and during this
block-time, if I close all IE windows and then I re-open IE, all connections start again to
work (without waiting 15 minutes), this trick works only if my IE is using squiq proxy
running on a server located in DMZ.
I've upgraded the kernel from 2.4.22 to all new releases since 2.6.8 but nothing has
changed, I've changed all net adapters and fine-tuning kernel parameters (like disable
syn-protect or increase nr. connections and decrease timeout values).
All tests are done with tcpdump.
Can someone please suggest me some way to find a solution? I'm not only looking for
the right solution, but also some method to study this weird problem.
Thanks
--
~~~ Domenico Gargano [Senior Network Manager] ~~~
Planetek Italia s.r.l. :tel:+39 080 5343750
Via Massaua, 12 - I-70123 BARI :fax:+39 080 5340280
~~ email: d.gargano@planetek.it ~~~ www.planetek.it ~~
^ permalink raw reply [flat|nested] 2+ messages in thread
* weird blocked sync packets on win machines
@ 2004-11-11 15:00 Domenico Gargano
0 siblings, 0 replies; 2+ messages in thread
From: Domenico Gargano @ 2004-11-11 15:00 UTC (permalink / raw)
To: linux-kernel
Hi all,
strange things happen on my linuxbox, I've got a firewall box running
fedora 2 with 5 net
adapters. All my private machines (192.168.30.) connect to internet and to
my DMZ
through the linuxbox.
During the day usually happens that my firewall stop forwarding SYN
packets, allowing
instead all other packets (ex. ACK) and all other protocols. This means
that I cannot
establish only new connections (prevoiously opened ones just work fine).
All my eth stop forwarding for 15 minutes, all the new traffic is totally
blocked (from/to
LAN, DMZ, INTERNET).
The really weird thing is that this happen only on windows machines, and
during this
block-time, if I close all IE windows and then I re-open IE, all
connections start again to
work (without waiting 15 minutes), this trick works only if my IE is using
squiq proxy
running on a server located in DMZ.
I've upgraded the kernel from 2.4.22 to all new releases since 2.6.8 but
nothing has
changed, I've changed all net adapters and fine-tuning kernel parameters
(like disable
syn-protect or increase nr. connections and decrease timeout values).
All tests are done with tcpdump.
Can someone please suggest me some way to find a solution? I'm not only
looking for
the right solution, but also some method to study this weird problem.
Thanks
pls put me in CC when replying.
--
~~~ Domenico Gargano [Senior Network Manager] ~~~
Planetek Italia s.r.l. :tel:+39 080 5343750
Via Massaua, 12 - I-70123 BARI :fax:+39 080 5340280
~~ email: d.gargano@planetek.it ~~~ www.planetek.it ~~
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-11-11 15:01 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-11-11 15:00 weird blocked sync packets on win machines Domenico Gargano
-- strict thread matches above, loose matches on Subject: below --
2004-11-11 14:50 Domenico Gargano
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.