* Problem with TCP connections
@ 2008-06-11 20:49 rigoberto perez
0 siblings, 0 replies; only message in thread
From: rigoberto perez @ 2008-06-11 20:49 UTC (permalink / raw)
To: netfilter
In a topology like:
windows1 --- linux router1 --- linux router2 --- windows2
I have a netfilter module in every linux router with 3 hooks:
localin
localout
forward
and the module ipconntrack is loaded. In forward hook i change the outcoming
packets in this way:
padd 1 byte at the end of a packet
save the protocol of the ip header in the padded byte
modify the protocol in ip header by 250
When the forward hook receives an ip packet with the protocol 250 I do
the inverse function:
restore the original protocol
trim the last byte of the packet
This works OK for ICMP packets - even large packets to force fragmentation, but, When I use TCP the connections, for example FTP, - with packets of 1500 bytes - stops in the middle of the transfer.
If I change the MSS in the server to 1499 everything works OK but I dont want to do this, I wish resolve the problem in the router.
I need some help, thanks.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2008-06-11 20:49 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-06-11 20:49 Problem with TCP connections rigoberto perez
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox