Hi all,
I finally found a solution to my ftp-proxy problem. The machine is a Dell 2950 with broadcom gigabit NICs, so I'm using the bnx driver included in the generic kernel. It seems that the TCP checksum offloading causes problems in certain cases. I found a reference to this on another message board first, but look also at bug report 5437. http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yes&numbers=5437 This report is closed, but the behavior I saw matched this report. In any case, I changed the bnx driver as described in the temporary fix and recompiled the kernel. FTP clients behind the proxy now function as expected. To respond to the previous post from Mr. Spruell: You were definitely on to something when you mentioned checksum offloading features. I had already tried multiple client applications and machines, but of course the problem was the firewall system itself. Incidentally, the client's ACK to complete the initial handshake did show an incorrect checksum, but I noticed that was the case whether I was using the proxy or not, and didn't seem to cause any problems by itself. I suspect that is yet another windows oddity. I appreciate everyone's help. Thank you, Jason
