On Thu, 22 Feb 2007 23:45:06 +0100 J65nko <[EMAIL PROTECTED]> wrote: > On 2/22/07, RW <[EMAIL PROTECTED]> wrote: > > On Wed, 21 Feb 2007 19:38:39 +0100 > > J65nko <[EMAIL PROTECTED]> wrote: > > > > > For keeping state on TCP connections you should only create state > > > on the first packet of the 3 way TCP handshake. Using "flags > > > S/SA" will ensure this. This will prevent problems with TCP > > > windows scaling.. > > > > Why? Creating a state entry causes subsequent packets, in the same > > tcp connection, to bypass the rules altogether. > > > > The OP did not keep state on TCP connections using "flags S/SA". That > can cause problems for TCP window scaling (defined in RFC 1323) and > result in stalling connections. > > >From http://undeadly.org/cgi?action=article&sid=20060928081238 under > "Create TCP states on the initial SYN packet" >
How can a TCP connection start with anything other than an initial SYN packet? _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
