Re: Fw: oops/bug in tcp, SACK doesn't work?

To:	laforge@xxxxxxxxxxxx (Harald Welte)
Subject:	Re: Fw: oops/bug in tcp, SACK doesn't work?
From:	kuznet@xxxxxxxxxxxxx
Date:	Sun, 29 Jul 2001 20:53:36 +0400 (MSK DST)
Cc:	netdev@xxxxxxxxxxx
In-reply-to:	<20010728004447.I1240@obroa-skai.gnumonks.org> from "Harald Welte" at Jul 28, 1 11:15:01 pm
Sender:	owner-netdev@xxxxxxxxxxx

Hello!

> Please note that the netfilter nat protocol helpers for ftp (and irc as well 
> as
> other protocols in patch-o-matic) delete the SACKPERM option on-the-fly 
> from all packets.

Then Marty would not see any sacks at all.


> It has to, as you run in neverending complications as soon as the nat helper
> has to alter the tcp sequence numbers, etc.

It is not a valid justification. It is difficult to rewrite sequence numbers.
As soon as nat does this, rewriting sacks is easy. Even not easy, trivial.

Sad and not expected behaviour. I used to ridicule commercial firewall vendors,
sometimes doing shit of this kind without any clear reasons. :-)

Alexey

<Prev in Thread]	Current Thread	[Next in Thread>
Fw: oops/bug in tcp, SACK doesn't work?, Marty Poulin Re: Fw: oops/bug in tcp, SACK doesn't work?, Harald Welte Re: Fw: oops/bug in tcp, SACK doesn't work?, kuznet <= Re: Fw: oops/bug in tcp, SACK doesn't work?, Harald Welte Re: Fw: oops/bug in tcp, SACK doesn't work?, Alexey Kuznetsov

Previous by Date:	Re: TCP 4way handshake, Alexey Kuznetsov
Next by Date:	RE: conflicting alignment requirements, Jacob Avraham
Previous by Thread:	Re: Fw: oops/bug in tcp, SACK doesn't work?, Harald Welte
Next by Thread:	Re: Fw: oops/bug in tcp, SACK doesn't work?, Harald Welte
Indexes:	[Date] [Thread] [Top] [All Lists]