cvs commit: src/sys/netinet tcp_syncache.c
Andre Oppermann
andre at freebsd.org
Thu Jan 24 04:52:55 PST 2008
Maxim Konovalov wrote:
> [...]
>>> I'm not generally opposed to security improvements that only affect edge
>>> cases... but being unable to connect is not an edge case!
>> Fully agreed. I'll reopen the PR and follow up with the originator
>> to do some further analysis. All operating system he cites that were
>> unable to connect correctly send timestamps and do not stop after
>> the SYN phase. So there must be something else at play here. Have
>> you received or heart of any *other* reports that may be related to
>> the timestamp check?
>>
> I saw this with my adsl router. Happy to test patches.
Please provide a tcpdump of a connection that failed before. It'll
show the problem even though it doesn't cause an abort. Was the
problem you saw with communication through the adsl router, or when
you connected to the adsl router itself (configuration menu, etc)?
[Reducing CC list]
--
Andre
More information about the freebsd-net
mailing list