Hi all Using the ippersonality patch on a vanilla 2.4.18 kernel seems to break ip_conntrack_ftp. Note that there is no nat involved, but I suppose it would also break ip_nat_ftp!
We used the patch to randomize ISNs of all TCP connections. This works fine for simple protocols. But FTP doesn't work, apparently since the expectation (Data channel) does not "back-randomize" the ISN for the hidden System. Was this already a known issue? Best regards, Pascal.
