[opensource] Trouble loading OSU page in Linux

Wesley Haines kremit at wrpn.net
Sun Jul 29 21:36:26 EDT 2007


On Sun, 2007-07-29 at 20:01 -0400, Seth Hall wrote:
> Heh, my stupid message to the list bounced.
> 
> It's pretty straight forward to get pf to handle window scaling  
> correctly.  All you need to do is set 'flags S/SA keep state' on any  
> rule that messes with TCP packets.  That will make pf catch the  
> window scaling and pay attention to it when the time comes.

Hey Seth, 

As far as I know, we've checked and re-checked the 'flags state' on the
firewall over at the Byrd Polar Research Center and it hasn't fixed the
problem. I remember reading about a window scaling bug in OpenBSD 3.2 or
3.3's network stack, whichever one is currently used on that firewall,
so that may apply here. I don't know much about pf though (not as much
as iptables), so I'm going to learn more tomorrow and see if Tom and I
can look over the rulesets again.

I would ask to _please_ make this a high-priority thing to fix. I'm sure
there are bigger security issues that take precedence, but within the
next month new and returning students will be back on campus. A good
chunk are going to have new systems running Vista, and the smaller (but
still sizable) desktop Linux crowd is there too. The firewall in front
of the Registrar's website is probably the most important one to get
fixed, IMHO. Everytime I need to access that site, or the Byrd Center's
website from home, I have to make sure to revert my window scaling
settings.

Thanks!


============================================================
Wesley Haines

Network Administrator       Webmaster
WRPN Internet Services      weatherUSA.net
http://wrpn.net/            http://www.weatherusa.net/
============================================================





More information about the Opensource mailing list