TCP window scaling and broken routers
Posted Dec 1, 2005 23:06 UTC (Thu) by walken
In reply to: TCP window scaling and broken routers
Parent article: TCP window scaling and broken routers
That sounds like a good idea, but - is there any way to get iptables to do what you describe ? From my own little netfilter experience, I know how to pass, drop or reject packets, but not how to filter bits (well, I think there is an option to do that with ECN, but what about OTHER must-be-zero bits) or how to drop arbitrary unknown tcp options.
Sounds a bit hypocritical for linux developers to complain about firewalls in the field if their own firewalling functionality does not allow this either.
But then again I'm not a netfilter expert so I could be mistaken.
to post comments)