Hi all,
I used Wireshark 1.0.6 for capturing...
> Well - the way you decribed the problem lead me to believe that there
> is a firewall in the path between sender and
> receiver. And if this firewall does NAT and/or Initial Sequence Number
> randomization, it will also have to rewrite the
> checksum so that the checksum is valid for the rewritten packet. That
> process might be faulty, hence the firewall would
> actually be the source and cause of the invalid checksum values.
>
> Are you able to sniff out these packets on both sides of the firewall
> and compare them to each other in W'shark?
<test>,
<different clients>--<firewall>-|--...--<remote host>
<sniff>´
The packets with wrong checksums are just those sent from the remote host back to the firewall (which NATs the different clients). The firewall seems to just discard those packets as they cannot be seen behind the firewall anymore. Packets from the firewall to the remote host are all ok.
When connecting to the remote host from "test", all checksums (both directions) are ok.
I have no idea what to look for... :-(
Thanks
Matthias
