Date: Thu, 24 Jan 2008 16:49:05 +0300 (MSK) From: Maxim Konovalov <maxim@macomnet.ru> To: Andre Oppermann <andre@freebsd.org> Cc: freebsd-net@freebsd.org Subject: Re: cvs commit: src/sys/netinet tcp_syncache.c Message-ID: <20080124164704.X15031@mp2.macomnet.net> In-Reply-To: <47988A2A.5010506@freebsd.org> References: <200711200656.lAK6u4bc021279@repoman.freebsd.org> <4797B77E.2090605@freebsd.org> <20080124005006.D93697@odysseus.silby.com> <47986F27.10401@freebsd.org> <20080124145713.K15031@mp2.macomnet.net> <47988A2A.5010506@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 24 Jan 2008, 13:52+0100, Andre Oppermann wrote: > Maxim Konovalov wrote: > > [...] > > > > I'm not generally opposed to security improvements that only affect edge > > > > cases... but being unable to connect is not an edge case! > > > Fully agreed. I'll reopen the PR and follow up with the originator > > > to do some further analysis. All operating system he cites that were > > > unable to connect correctly send timestamps and do not stop after > > > the SYN phase. So there must be something else at play here. Have > > > you received or heart of any *other* reports that may be related to > > > the timestamp check? > > > > > I saw this with my adsl router. Happy to test patches. > > Please provide a tcpdump of a connection that failed before. It'll > show the problem even though it doesn't cause an abort. Was the > problem you saw with communication through the adsl router, or when > you connected to the adsl router itself (configuration menu, etc)? > The latter. Turning rfc1323 off solved the problem. It takes some time to obtain the dump -- I need to downgrade the system. -- Maxim Konovalov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080124164704.X15031>