You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Randy Terbush <ra...@zyzzyva.com> on 1997/07/02 23:21:07 UTC
Re: anyone else using ipfw ?
>
> We use ipfw (IP FireWall) to filter out unwanted connections to
> services we don't offer and to block abusive hosts (e.g. spam domains
> on port 25 and broken robots on port 80).
>
> Some people running Windoze can't reach us on port 80 because ipfw
> is refusing them access. People who have managed to fix the problem
> has changed their PPP 'mtu' from 1500 to 576. A friend believes this
> is due to fragmented packets being rejected at the firewall.
Could this be an issue to do with the following?
sysctl -w net.inet.tcp.rfc1323=1
You might try setting it to 0 to disable this. ipfw should also be
able to specifically allow fragments if that is truely what the
cause is.
> I sent mail to a FreeBSD mailing list asking if anyone had any
> experience of this but got no answer, so I'll try here instead.
> Anyone ?
>
> It's impossible for us to tell how widespread the problem is. Hundreds
> of thousands of windoze users are reaching us so it's not a major problem.
>
> --
> Rob Hartill Internet Movie Database (Ltd)
> http://www.moviedatabase.com/ .. a site for sore eyes.
>
>
> ps, ipfw is wonderful at blocking Spamford's ever changing and ever
> spoofing lusers from depositing their trash in our mailboxes.
>