Me too.
On approximately Sat, Jul 14, 2001 at 05:00:21PM -0500, J Troy Piper wrote:
>
> > 2.4.5-ac17
> > o First set of ipt_unclean fixes (Rusty Russell)
>
> Alan,
>
> I apologise for having taken so long to write this (I have known about
> this problem since 2.4.5ac17 and have not had a chance to document til
> today) but there seems to be a problem with the ipt_unclean fixes by Rusty
> Russell. ANY incoming packets from any interface (ppp0 and eth0) are
> marked as 'unclean' with some variation on the following syslog entry:
>
> Jul 8 23:16:04 paranoia kernel: ipt_unclean: TCP option 3 at 37 too long
> Jul 8 23:16:05 paranoia kernel: ipt_unclean: TCP option 3 at 37 too long
> Jul 8 23:16:16 paranoia kernel: ipt_unclean: TCP option 3 at 37 too long
> Jul 8 23:16:18 paranoia kernel: ipt_unclean: TCP option 3 at 37 too long
>
> and thus are blocked by my 'unclean packet dropping' firewall (iptables).
>
> I haven't seen any mention of this on the list, nor have I seen any more
> ipt_unclean patches to address this problem, so here's your heads-up
> (albeit a bit late).
>
> Thanks,
>
> J Troy Piper
> jtp@dok.org
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 15 2001 - 21:00:21 EST