Some questions here: 1) Are these IP fragments? If so, Why is it happening especially with such a short length. 2) If these are fragments, shouldn't the nat or mangle defragment them before any packet processing? Why is it not happening? I guess what I'm saying is that the functionality that you're asking here should already be in place. 3) If these are not fragments and are seperate TCP segments leaving the client, you should actually wonder why your firewall is not passing packet 3. Do you have any rules droppng these packets.
Ramin On Thu, Apr 25, 2002 at 12:20:53PM -0400, Dougherty, Joe wrote: > Greetings, all, > > I mailed the list the other day with part one of this problem, and after > examining packets, I've discovered my problem:
