Hi netfilter,

I've got a mysterious problem with active ftp: the connection hangs on the 'ls' command and dmesg says

"Mar 26 23:12:23 gate kernel: SRC=ftp_server_ip DST=gateway_ip 124 LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=47547 DF PROTO=TCP SPT=21 DPT=1842 SEQ=1645748250 ACK=418491463 WINDOW=32120 RES=0x00 ACK URGP=0 Out of window data: ACK is over the upper bound (ACKed data has never seen yet)"

It worked perfectly for several weeks (and several reboots). I had to reboot because of a disk power failure. Since I've fixed it and rebooted, active ftp doesn't work any more. Multiple reboots didn't change anything.

I searched the whole mailing-list archive and several docs, tried many iptables configurations, but the problem remains. I've got another gateway with exactly the same parameters (kernel config, /proc/sys/net/ipv4, netfilter ...) and it works perfectly.

All ftp and connection tracking options are built into the kernel. It's a 2.4.17 patched with freeswan, with iptables v1.2.5.

Active FTP works from the gateway, but not from an internal computer. I don't know what more I can do. Any idea would be appreciated.

Regards,
Cyril
