Hi all,
Just FYI, this post showed up on the pf mailing list a couple of days
ago:
Cc: pf@benzedrine.cx
From: Axel Rau Axel.Rau@Chaos1.DE
Subject: Re: mismatch on route through packet/byte counts
Date: Sun, 18 Feb 2007 14:37:56 +0100
To: Daniel Hartmeier daniel@benzedrine.cx
X-Mailer: Apple Mail (2.752.2)
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by
insomnia.benzedrine.cx id l1IDc2fg029064
Sender: owner-pf@benzedrine.cx
Thank you, Daniel, for taking the time to analyze my traces and to explain the problem so perfect, that even non-net-developers, like I, can understand it. (-;)
This looks like a bug in the client's TCP/IP stack, and how to fix it depends on the client's OS. IMO, the RST is invalid, and pf is right in blocking it.
The OS is Darwin 8.8 / Mac OS X 10.4.8, a 4.4BSD descendant and the relevant source may be in netinet/tcp_output.c, found here http://www.opensource.apple.com/darwinsource/10.4.8.ppc/xnu-792.12.6
Good news is that your diagnosis could bring us forward to resolve a long running painful bug filed against Mail.app, the Apple email client.
If you agree, I would like to add your diagnosis to my open bug report and cross-post the mail on the Darwin Developers list, before filing a new bug against Darwin.
Axel
Axel Rau, ☀Frankfurt , Germany +49 69 9514 18 0