weird blocked sync packets on win machines

From: Domenico Gargano
Date: Thu Nov 11 2004 - 10:03:39 EST


Hi all,
strange things happen on my linuxbox, I've got a firewall box running
fedora 2 with 5 net
adapters. All my private machines (192.168.30.) connect to internet and to
my DMZ
through the linuxbox.
During the day usually happens that my firewall stop forwarding SYN
packets, allowing
instead all other packets (ex. ACK) and all other protocols. This means
that I cannot
establish only new connections (prevoiously opened ones just work fine).
All my eth stop forwarding for 15 minutes, all the new traffic is totally
blocked (from/to
LAN, DMZ, INTERNET).
The really weird thing is that this happen only on windows machines, and
during this
block-time, if I close all IE windows and then I re-open IE, all
connections start again to
work (without waiting 15 minutes), this trick works only if my IE is using
squiq proxy
running on a server located in DMZ.
I've upgraded the kernel from 2.4.22 to all new releases since 2.6.8 but
nothing has
changed, I've changed all net adapters and fine-tuning kernel parameters
(like disable
syn-protect or increase nr. connections and decrease timeout values).
All tests are done with tcpdump.
Can someone please suggest me some way to find a solution? I'm not only
looking for
the right solution, but also some method to study this weird problem.
Thanks

pls put me in CC when replying.

--
~~~ Domenico Gargano [Senior Network Manager] ~~~
Planetek Italia s.r.l. :tel:+39 080 5343750
Via Massaua, 12 - I-70123 BARI :fax:+39 080 5340280
~~ email: d.gargano@xxxxxxxxxxx ~~~ www.planetek.it ~~

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/