Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw

netdev

Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw

To:	Chris Wedgwood <cw@xxxxxxxx>
Subject:	Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw: oops/bug in tcp, SACK doesn't work?)
From:	Harald Welte <laforge@xxxxxxxxxxxx>
Date:	Mon, 28 Jan 2002 20:26:42 +0100
Cc:	kuznet@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to:	<20020127122036.GA10858@tapu.f00f.org>; from cw@f00f.org on Sun, Jan 27, 2002 at 04:20:36AM -0800
References:	<20010728004447.I1240@obroa-skai.gnumonks.org> <200107291653.UAA18260@ms2.inr.ac.ru> <20010731033801.M1486@obroa-skai.gnumonks.org> <20020127095716.H16571@sunbeam.de.gnumonks.org> <20020127122036.GA10858@tapu.f00f.org>
Sender:	owner-netdev@xxxxxxxxxxx
User-agent:	Mutt/1.3.17i

On Sun, Jan 27, 2002 at 04:20:36AM -0800, Chris Wedgwood wrote:
> On Sun, Jan 27, 2002 at 09:57:16AM +0100, Harald Welte wrote:
> 
>     Hi Alexey & Others.
> 
>     I'm now following up a very old thread about netfilter deleting
>     SACKPERM in the case of NAT'ing protocols with helpers (ftp, irc, ...)
> 
> Why not just strip SACK when using NAT?

because SACK is generally a very useful extension of the TCP protocol,
and we shouldn't just be arrogant and decide that our users are not
allowed to use it in combination of nat.

>   --cw

-- 
Live long and prosper
- Harald Welte / laforge@xxxxxxxxxxxx               http://www.gnumonks.org/
============================================================================
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M- 
V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*)

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw: oops/bug in tcp, SACK doesn't work?), Harald Welte Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw: oops/bug in tcp, SACK doesn't work?), kuznet Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw: oops/bug in tcp, SACK doesn't work?), Harald Welte Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw: oops/bug in tcp, SACK doesn't work?), kuznet Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw: oops/bug in tcp, SACK doesn't work?), Harald Welte Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw: oops/bug in tcp, SACK doesn't work?), kuznet Re: [PATCH] Make netfilter handle .. perhaps offtopic, Peter Bieringer Re: [PATCH] Make netfilter handle .. perhaps offtopic, Harald Welte Message not available Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw: oops/bug in tcp, SACK doesn't work?), Harald Welte <=

Previous by Date:	Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw: oops/bug in tcp, SACK doesn't work?), kuznet
Next by Date:	Re: [PATCH] Make netfilter handle SACK in NAT'ed connections (was Re: Fw: oops/bug in tcp, SACK doesn't work?), Harald Welte
Previous by Thread:	Re: [PATCH] Make netfilter handle .. perhaps offtopic, Harald Welte
Next by Thread:	[no subject], MOLNAR Ingo
Indexes:	[Date] [Thread] [Top] [All Lists]