Article delegate-en/2992 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: delegate: mixed up window sizes
30 Jun 2005 12:28:16 GMT (Yutaka Sato)
The DeleGate Project


In message <_A2991@delegate-en.ML_> on 06/30/05(19:03:04)
you "Benjamin Schweizer; dsb AG" <> wrote:
 |> I've experienced some strange problems with the handling of the tcp 
 |> window size in delegate. By now, I was not able to debug it, I just 
 |> want to ask if other users have reported similar problems. It looks as 
 |> if the packets get fragmented in a wrong way which makes my Checkpoint 
 |> reject them. I'm currently using 8.11.3 but I had similar problems 
 |> with 8.9.1.
 |> addendum: I'm just analysing the code which is rather complex. I 
 |> assume that this is a bug in the ftp handler which is called via xinetd.

Is this the problem in DeleGate as a FTP-proxy ?

 |I've some more results:
 |- the banner message get's fragmented on some connections (this is a 
 |kernel issue, may be some special socket options?)

Is it a banner meesage from a FTP server relayed by DeleGate ?

 |- the fragmented packet is correct as I can see
 |- Checkpoint as well as Sonic Wall reject this packet in the application 
 |filter as they don't assemble fragmented packets at this stage
 |- I've shortened the banner to fit into a ~780 byte packet which 
 |supressed fragmentation
 |Further investigation:
 |- I've to figure out why the packets get fragmented, this is somehow 
 |strange as the window-size is not restricted by the client nor by the 
 |- I've to figure out why they are dropped at the firewalls
 |   - is the packet strange?
 |   - is the application layer filter broken?
 |   - is there some limit?

  D G   Yutaka Sato <>
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]