Re: Updating ipfilter on FreeBSD 6.x

["Peter J. Cherny" <peterc@luddite.com.au>]

At 09:33 AM 22/2/07, Roger Olofsson wrote:
> Having recently upgraded my firewall machines to FreeBSD 6.2 I am 
> experiencing the very same phenomena concerning the OOW. The issue 
> is particularly annoying since it breaks upgrading of the FreeBSD 
> ports in some cases by simply hanging the download.
> Could someone describe the steps to download, apply the patches for 
> FreeBSD, and install a newer version than the one shipped with FreeBSD6.2?
My Q&D solution to OOW issues in 6.2+4.1.13 was to edit two lines
in ip_state.c and rebuild the kernel (with the IPFILTER options)

 #define MAXACKWINDOW 66000
-           (-ackskew <= (MAXACKWINDOW << tdata->td_wscale)) &&
-           ( ackskew <= (MAXACKWINDOW << tdata->td_wscale))) {
+           (-ackskew <= (MAXACKWINDOW)) &&
+           ( ackskew <= (MAXACKWINDOW << fdata->td_wscale))) {

There are fragments of this in various of Darren's postings
e.g.
Date: Wed, 20 Dec 2006 23:11:57 +1100
From: Darren Reed <darrenr@reed.wattle.id.au>
Subject: Re: ipf 4.1.13 + NAT + FTP proxy = window scaling problem
References: <Pine.LNX.4.64.0612192052410.3711@netcore.fi> 
<458873B8.5060302@reed.wattle.id.au> <20061219235136.GC8372@piias899.ms.com>
In-Reply-To: <20061219235136.GC8372@piias899.ms.com>
X-Enigmail-Version: 0.94.1.1
Content-Type: text/plain; charset=ISO-8859-1