problem with linux kernel 2.16.18.2 and packet filter
WAYNE KING
king.812 at osu.edu
Tue Mar 20 17:52:55 UTC 2007
Hello list, My subnet at Ohio State is running a BSD firewall with packet filter. It works great, but I just encountered a weird problem with the linux 2.16.18.2 kernel and packet filter. When the firewall was on I could do absolutely nothing via the web; every page would hang. As soon as I turned the firewall off, all connections worked fine. Apparently this is a known bug? and changing the tcp_window_scaling setting in the kernel to 0 fixes it. Anyway I was hoping that someone could explain to me why that setting might cause a problem with packet filter. It irritated me for weeks. By the way I'm using OpenSuse 10.2 --never had it up to and including Suse 10.1. I'm not sure if this is a problem in general with that kernel or with some distro particular. I'm running fedora core 6 on another computer and that works fine. I just discovered this fix so I haven't checked what kernel that has installed (fedora core 6) or what the tcp_window_scaling is by default. The following com
mand fixed it on my computer (openSuse 10.2)
echo 0 > /proc/sys/net/ipv4/tcp_window_scaling
Any quick insights just for my own education?
Thanks so much,
Wayne King
More information about the freebsd-pf
mailing list