[ previous ] [ next ] [ threads ]
 From:  Frederick Page <fpage at thebetteros dot oche dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] accessing netbsd.org from behind m0n0wall
 Date:  Wed, 8 Sep 2004 21:23:18 +0200
Hallo Wayne,

Wayne Marshall schrieb am 07. September 2004:

>>[Please stop top-posting]

>I agree; unfortunately other top posts were already in thread...

Just because there are plenty of ignorant, top posting, full quoting
and clueless morons on this list does not mean one has to adjust to
their (errm) "level". I normally ignore top posts and never answer
anonymous nameless cowards.

>Thank you for another independent confirmation of the problem.

Manuel himself can also reproduce the problem, NetBSD seems to send
out overly long packets, which get fragmented and then somehow
discarded by ipfilter.

>As for the latter, I even recompiled an OpenBSD kernel

I'm unsure, whether Manuel's response has reached the list, but
according to him

     sysctl net.inet.tcp.rfc1323=0

did the trick on a FreeBSD machine. Since I am an OpenBSD user as well,
I simply see, that NetBSD does not want visitors and I'll respect
their wishes. I refuse to change my working configuration just for
_one_ website and potentially open new attack vectors to my machine.

>And what is it about the primary www.netbsd.org server that
>causes this behavior, not observed among other sites?

Manuels explanation seemed fine to me ;-)

Kind regards