hi
are some major routers screwing with Youtube sessions? please take
political issues off the network for pete sake!
I'm consistently getting "connection reset" from Youtube, even though I
have filtered all the bad packets. If Youtube is doing it, thay have
really flaky servers... arrrggghhh.
# drop invalid ip packets
iptables -A INPUT -p ALL -m state --state INVALID -j LOG
--log-prefix "fp=bad_packet:1 a=DROP "
iptables -A INPUT -p ALL -m state --state INVALID -j DROP
# drop bad tcp packets
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j LOG
--log-prefix "fp=bad_tcp:1 a=DROP "
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j LOG
--log-prefix "fp=bad_tcp:2 a=DROP "
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j LOG
--log-prefix "fp=bad_tcp:3 a=DROP "
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j LOG
--log-prefix "fp=bad_tcp:4 a=DROP "
iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j LOG
--log-prefix "fp=bad_tcp:5 a=DROP "
iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j LOG
--log-prefix "fp=bad_tcp:6 a=DROP "
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j LOG
--log-prefix "fp=bad_tcp:7 a=DROP "
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
# I shouldn't get TCP RST at this point but I still do!
iptables -A INPUT -p tcp -m tcp --tcp-flags RST RST -j LOG --log-prefix
"fp=bad_tcp:8 youtube a=DROP "
iptables -A INPUT -p tcp -m tcp --tcp-flags RST RST -j DROP
|
Similar Threads
Linear Mode
