IPfilter
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: IPF 4.1.16 - Slow NAT/FTP mix-up

from [Corey Johnston] [Permanent Link][Original]
To: "Darren Reed" <avalon@caligula.anu.edu.au>
Subject: Re: IPF 4.1.16 - Slow NAT/FTP mix-up
From: "Corey Johnston" <coreyj@gmail.com>
Date: Wed, 3 Jan 2007 12:45:47 +1100
Cc: ipfilter@coombs.anu.edu.au
Delivered-to: sp-com-lists@consult.net
Delivered-to: ipfilter-list@securepoint.com
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=hVmNZ2ZnsECOekjJ01nZPbleWPPeUq4rKSEPaDe2g3rMXm9oDSKRl9zun3EUiNvGuY+n2W0jKiwKjsGiTpp5j2+3ZM8RMH2fbm8yu7YGsAM7pZ995nJEgmTqEYWA4JLKyW/8mH+i3sSubxdEQ5upB/xX1a3gdN+TCEGvMOPjgBQ=
In-reply-to: <e2e114e10701021439p7e93973at9b41ac54b048c26c@mail.gmail.com>
References: <e2e114e10701011657u3e001bfey87677b7e254464dd@mail.gmail.com> <200701021810.l02IANE6029617@caligula.anu.edu.au> <e2e114e10701021439p7e93973at9b41ac54b048c26c@mail.gmail.com>
Sender: owner-ipfilter@coombs.anu.edu.au
whoops..  I used the wrong switch in the last email for ipnat -lvd output.. Here is the output showing the HTTP connection mis-identified as "ftp":

MAP 10.5.0.115      4539  <- -> my-public-ip   4539  [ 216.239.63.83 80]
    ttl 467 use 0 sumd 0x216b/0x216b pr 6 bkt 15666/4639 flags 1
    ifp X,X bytes 0/7417 pkts 0/6 ipsumd 216b
    nat_next 0 _pnext ffffffff863ffc20 _hm ffffffff86f62ac0
    _hnext 0/0 _phnext ffffffff861e4990/ffffffff861f00f8
    _data 0 _me 0 _state 0 _aps ffffffff864a9f50
    fr ffffffff8615ca00 ptr ffffffff817db380 ifps ffffffff81d9dcb8/ffffffff81d9dcb8 sync 0
    tqe:pnext ffffffffc02de338 next 0 ifq ffffffffc02de310 parent ffffffff86401a00/fffffd7fffdff888
    tqe:die 18869 touched 0 flags 0 state 4/0

    proxy ftp/6 use -18 flags 0
        proto 6 flags 0 bytes 0 pkts 0 data YES size 344
        state[0,0], sel[0,0]
        seq: off 0/0 min 0/0
        ack: off 0/0 min 0/0
    FTP Proxy:
        passok: 1
    Client:
        seq 0 (ack 0) len 0 junk 0 cmds 0
        buf [\000]
    Server:
        seq b3c2aad1 (ack 0) len 0 junk 0 cmds 0
        buf [\000]


And btw, I also tried applying the first patch (fix) for the tcp window scaling, and it didn't fix it either..


[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IPF 4.1.16 - Slow NAT/FTP mix-up, Corey Johnston
Next by Date:  IPFilter on Solaris 10, Dave Ockwell-Jenner
Previous by Thread:  Re: IPF 4.1.16 - Slow NAT/FTP mix-up, Corey Johnston
Next by Thread:  IPFilter on Solaris 10, Dave Ockwell-Jenner
Indexes:  [Date] [Thread] [Top] [All Lists]