Re: [pfSense] pfSense routing and TCP sequence numbers

Martin Fuchs Sat, 14 Sep 2013 13:40:36 -0700

I was told by Siemens it's about TCP sequence numbers.

They were estimating some kind of special equipment such as riverbed,
special routers or else.


Where would i have to look in the rules if packets should be touched ?

 

Regards,

martin

 

Von: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org]
Im Auftrag von Espen Johansen
Gesendet: Samstag, 14. September 2013 13:42
An: pfSense support and discussion
Betreff: Re: [pfSense] pfSense routing and TCP sequence numbers

 

After reading this again I'm thinking you might be confused by IP ID vs
sequence numbers?

 

IP header and TCP header are different things.

 

see here for IP header : http://en.wikipedia.org/wiki/IPv4

 

or this might be of help:
http://networkstatic.net/what-are-ethernet-ip-and-tcp-headers-in-wireshark-c
aptures/

 

 

 

On Sat, Sep 14, 2013 at 1:12 PM, Espen Johansen <pfse...@gmail.com
<mailto:pfse...@gmail.com> > wrote:

Try tcpdump + wireshark. Then read this:
http://packetlife.net/blog/2010/jun/7/understanding-tcp-sequence-acknowledgm
ent-numbers/

 

pfSense should not change sequence numbers unless you tell it to do so.

 

for packet breakdown read : http://www.daemon.org/tcp.html

 

Google is your friend ;-)

 

On Fri, Sep 13, 2013 at 4:15 PM, Martin Fuchs <mar...@fuchs-kiel.de
<mailto:mar...@fuchs-kiel.de> > wrote:

Hi !

 

We use pfSense 2.0.1 and have a local LAN, a WAN and remote Offices
connected by managed VPN-connections  (pfsense does not need to stablish VPN
tot he remote offices).

 

LAN -> pfSense -> remote office

 

In the LAN we have a HiPath Communications system and in the remote offices
one remote system each.

pfSense only routes between these locations. There is no filtering (in the
floating rules everthing is allowed between LAN and remote offices.

 

Firewall-scrub, clear DF and random id generation are disabled.

 

Does pfSense in this configuration change the TCP sequence numbers oft he
conections between the communication systems ?

And is there any simple way how i can check this ?

 

Regards,

 

martin

 

 

 

_______________________________________________
List mailing list
List@lists.pfsense.org <mailto:List@lists.pfsense.org> 
http://lists.pfsense.org/mailman/listinfo/list

_______________________________________________
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] pfSense routing and TCP sequence numbers

Reply via email to