G
Guest
Guest
Archived from groups: microsoft.public.platformsdk.networking,microsoft.public.windowsnt.protocol.tcpip (More info?)
When using Windows XP Pro sp1 and a client (Win2k Workstation sp4) makes a
TCP connection to
my computer the SYN/ACK packet from me to the client looks like this:
Frame 55 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: 00:0d:56:06:44:d9, Dst: 00:50:bf:7c:2d:29
Internet Protocol, Src Addr: 10.3.168.11 (10.3.168.11), Dst Addr:
10.3.168.12 (10.3.168.12)
Version: 4
Header length: 24 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 52
Identification: 0x394f (14671)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0x5b57 (correct)
Source: 10.3.168.11 (10.3.168.11)
Destination: 10.3.168.12 (10.3.168.12)
Options: (4 bytes)
NOP
EOL
Transmission Control Protocol, Src Port: 5001 (5001), Dst Port: 1237 (1237),
Seq: 0, Ack: 1, Len: 0
Connections the other direction (Win2k as server) don't have any IP options.
We have a customer having a Win2k Server (sp3) also returning this options
to the clients (W2k server with sp4 don't).
This server is behine a firewall that blocks any packet with any IP options
thus making it impossible for the clients to connect.
Why it these options sent ? And is there any way to disable these nonsense
options ?
I have done some debugging and sniffing to find the cause in our application
and tracket it down to this line:
int val=1;
return ::setsockopt (m_hSocket, SOCKET, SO_CONDITIONAL_ACCEPT, (char *)&val,
sizeof(val));
We use this to make it possible to filter out which ip-adresses who can
connect. Without this line the IP options is not sent but out filter
callback function for WSAAccept in not calles either.
For now our customers problem is solved by installing sp4 in the server. But
our problem can arise again if someone uses WinXP.
Is there any way this can be solved.
/David
When using Windows XP Pro sp1 and a client (Win2k Workstation sp4) makes a
TCP connection to
my computer the SYN/ACK packet from me to the client looks like this:
Frame 55 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: 00:0d:56:06:44:d9, Dst: 00:50:bf:7c:2d:29
Internet Protocol, Src Addr: 10.3.168.11 (10.3.168.11), Dst Addr:
10.3.168.12 (10.3.168.12)
Version: 4
Header length: 24 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 52
Identification: 0x394f (14671)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0x5b57 (correct)
Source: 10.3.168.11 (10.3.168.11)
Destination: 10.3.168.12 (10.3.168.12)
Options: (4 bytes)
NOP
EOL
Transmission Control Protocol, Src Port: 5001 (5001), Dst Port: 1237 (1237),
Seq: 0, Ack: 1, Len: 0
Connections the other direction (Win2k as server) don't have any IP options.
We have a customer having a Win2k Server (sp3) also returning this options
to the clients (W2k server with sp4 don't).
This server is behine a firewall that blocks any packet with any IP options
thus making it impossible for the clients to connect.
Why it these options sent ? And is there any way to disable these nonsense
options ?
I have done some debugging and sniffing to find the cause in our application
and tracket it down to this line:
int val=1;
return ::setsockopt (m_hSocket, SOCKET, SO_CONDITIONAL_ACCEPT, (char *)&val,
sizeof(val));
We use this to make it possible to filter out which ip-adresses who can
connect. Without this line the IP options is not sent but out filter
callback function for WSAAccept in not calles either.
For now our customers problem is solved by installing sp4 in the server. But
our problem can arise again if someone uses WinXP.
Is there any way this can be solved.
/David