Re: ipf 4.1.13 + NAT + FTP proxy = window scaling problem (IPFilter forums, System Security and Security Related category)
On Wed, 20 Dec 2006, Darren Reed wrote:
> To see if it has properly picked up window scaling, list out the state table
> entry with "ipfstat -sl". To me it is looking like the FTP data connection
> is the one having trouble, yes?

Yes, it seems that way. In fact, Victor's comment is probably to the point, as the Client's Window Scaling factor is something like 6, but the server (Solaris 10) is 0.

I don't know how to read the intricacies of the output, but you probably can :-)

[this command is run when the FTP transfer has stalled]

192.168.1.1 -> 193.166.3.2 pass 0x8502 pr 6 state 5/5 bkt 137
    tag 0 ttl 863637 33265 -> 34698 2d7d2fbc:704f176a 8192<<0:41472<<0
    cmsk 0000 smsk 0000 isc 0x0 s0 2d7d2fbc/704d30fa
    FWD:ISN inc 0 sumd 0
    REV:ISN inc 0 sumd 0
    forward: pkts in 54 bytes in 3228 pkts out 54 bytes out 3228
    backward: pkts in 63 bytes in 93064 pkts out 63 bytes out 93064
    pass in quick keep state
    IPv4
    pkt_flags & 0(0) = 0, pkt_options & ffffffff = 0, ffffffff = 0
    pkt_security & ffff = 0, pkt_auth & ffff = 0
    is_flx 0x1 0x1 0x1 0x1
    interfaces: in rl0[rl0],fxp0[fxp0] out fxp0[fxp0],rl0[rl0]
    Sync status: not synchronized
192.168.1.1 -> 193.166.3.2 pass 0x40004502 pr 6 state 5/5 bkt 5221
    tag 0 ttl 863636 60621 -> 21 2ccaf8f7:7049315f 9856<<6:49232<<0
    cmsk 0000 smsk 0000 isc 0x0 s0 2ccaf89b/70492a5e
    FWD:ISN inc 0 sumd 0
    REV:ISN inc 0 sumd 0
    forward: pkts in 12 bytes in 716 pkts out 13 bytes out 776
    backward: pkts in 13 bytes in 2481 pkts out 13 bytes out 2481
    pass out quick keep state
    IPv4
    pkt_flags & 0(10000) = 1000, pkt_options & ffffffff = 0, ffffffff = 0
    pkt_security & ffff = 0, pkt_auth & ffff = 0
    is_flx 0x1 0x1 0x1 0x1
    interfaces: in rl0[rl0],fxp0[fxp0] out fxp0[fxp0],rl0[rl0]
    Sync status: not synchronized
192.168.1.1 -> 193.166.3.2 pass 0x8502 pr 6 state 9/11 bkt 2546
    tag 0 ttl 88 56804 -> 63406 2c7d5901:6ebb4a0b 8192<<0:41472<<0
    cmsk 0000 smsk 0000 isc 0x0 s0 2c7d5900/6ebb46ae
    FWD:ISN inc 0 sumd 0
    REV:ISN inc 0 sumd 0
    forward: pkts in 4 bytes in 216 pkts out 4 bytes out 216
    backward: pkts in 4 bytes in 1080 pkts out 4 bytes out 1080
    pass in quick keep state
    IPv4
    pkt_flags & 0(0) = 0, pkt_options & ffffffff = 0, ffffffff = 0
    pkt_security & ffff = 0, pkt_auth & ffff = 0
    is_flx 0x1 0x1 0x1 0x1
    interfaces: in rl0[rl0],fxp0[fxp0] out fxp0[fxp0],rl0[rl0]
    Sync status: not synchronized
192.168.1.1 -> 193.166.3.2 pass 0x40004502 pr 6 state 9/11 bkt 3303
    tag 0 ttl 102 60619 -> 21 2cac624a:6e637060 9856<<6:49232<<0
    cmsk 0000 smsk 0000 isc 0x0 s0 2cac61fe/6e63692a
    FWD:ISN inc 0 sumd 0
    REV:ISN inc 0 sumd 0
    forward: pkts in 18 bytes in 1011 pkts out 19 bytes out 1071
    backward: pkts in 15 bytes in 2637 pkts out 15 bytes out 2637
    pass out quick keep state
    IPv4
    pkt_flags & 0(10000) = 1000, pkt_options & ffffffff = 0, ffffffff = 0
    pkt_security & ffff = 0, pkt_auth & ffff = 0
    is_flx 0x1 0x1 0x1 0x1
    interfaces: in rl0[rl0],fxp0[fxp0] out fxp0[fxp0],rl0[rl0]
    Sync status: not synchronized
192.168.1.1 -> 193.166.3.2 pass 0x40004502 pr 6 state 0/9 bkt 1374
    tag 0 ttl 371 60617 -> 21 2c124e38:6d514359 9856<<6:49232<<0
    cmsk 0000 smsk 0000 isc 0x0 s0 2c124dd9/6d513c3f
    FWD:ISN inc 0 sumd 0
    REV:ISN inc 0 sumd 0
    forward: pkts in 20 bytes in 1250 pkts out 21 bytes out 1310
    backward: pkts in 22 bytes in 3051 pkts out 26 bytes out 3275
    pass out quick keep state
    IPv4
    pkt_flags & 0(10000) = 1000, pkt_options & ffffffff = 0, ffffffff = 0
    pkt_security & ffff = 0, pkt_auth & ffff = 0
    is_flx 0x1 0x1 0x1 0x1
    interfaces: in rl0[rl0],fxp0[fxp0] out fxp0[fxp0],rl0[rl0]
    Sync status: not synchronized

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
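
One way to pull the window-scale fields out of "ipfstat -sl" output like that quoted in the post above, as an added example that is not part of the original post and not IPFilter code. It assumes the `W<<S:W<<S` field holds the source side's window and scale shift first and the destination side's second, and the comparison against the control session is a triage heuristic, not a rule IPFilter applies.

```python
import re

# First two lines of two entries from the "ipfstat -sl" output quoted in the post.
SAMPLE = """\
192.168.1.1 -> 193.166.3.2 pass 0x8502 pr 6 state 5/5 bkt 137
    tag 0 ttl 863637 33265 -> 34698 2d7d2fbc:704f176a 8192<<0:41472<<0
192.168.1.1 -> 193.166.3.2 pass 0x40004502 pr 6 state 5/5 bkt 5221
    tag 0 ttl 863636 60621 -> 21 2ccaf8f7:7049315f 9856<<6:49232<<0
"""

# Assumption: in "W1<<S1:W2<<S2" the first pair belongs to the source side of
# the entry and the second to the destination side (window << scale shift).
ENTRY = re.compile(
    r"(?P<src>\d+\.\d+\.\d+\.\d+) -> (?P<dst>\d+\.\d+\.\d+\.\d+) pass \S+ pr 6 "
    r"state (?P<state>\d+/\d+) .*?"
    r"ttl \d+ (?P<sport>\d+) -> (?P<dport>\d+) \S+ "
    r"\d+<<(?P<sscale>\d+):\d+<<(?P<dscale>\d+)"
)

def parse_states(text):
    """Return one dict per TCP state entry; works on wrapped or flattened output."""
    flat = " ".join(text.split())  # collapse newlines and tabs to single spaces
    states = []
    for m in ENTRY.finditer(flat):
        states.append({
            "src": m["src"], "dst": m["dst"], "state": m["state"],
            "sport": int(m["sport"]), "dport": int(m["dport"]),
            "scale": (int(m["sscale"]), int(m["dscale"])),
        })
    return states

def scale_mismatches(states, control_port=21):
    """Heuristic: flag flows whose recorded scale pair differs from the FTP
    control session between the same two hosts."""
    control = {(s["src"], s["dst"]): s["scale"]
               for s in states if s["dport"] == control_port}
    return [s for s in states
            if s["dport"] != control_port
            and (s["src"], s["dst"]) in control
            and s["scale"] != control[(s["src"], s["dst"])]]

if __name__ == "__main__":
    for s in scale_mismatches(parse_states(SAMPLE)):
        print(f'{s["src"]}:{s["sport"]} -> {s["dst"]}:{s["dport"]} '
              f'state {s["state"]} scale {s["scale"]}')
```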