On Thu, Jul 12, 2007 at 11:18:18AM -0500, Trent Melcher wrote:
What kind of firewall are you using ?
Its a Symantec SGS firewall
A search on their support website gave a couple of things you might want to look at: First, a support notice
Issue: TCP connections seem to hang after several seconds http://entsupport.symantec.com/docs/641
Second, it seems as if there is a "GSP" (Generic Service Passers) setting that you can toggle on or off, which affects whether the protocol will be handled as a proxy-protocol, or transparently. An example of setting up a protocol and service group definition is here: http://entsupport.symantec.com/docs/n2006092709045754 This is for MSN, but you should be able to pick out the bits you need to define just the Hobbit protocol on TCP port 1984. I think the "use GSP" setting here might make a difference.
Here is the output from my tcpdump.....see if you can wrap your head around this one.
Your dump shows three connections from the client to the Hobbit server. All of them behave identically:
- The connection is established
- The data is sent from the client, including the FIN packet indicating the client has no more data to send
- After the FIN-packet and the corresponding ACK from the server, no more data is passed.
So the behaviour is what I'd expect from a firewall the closes the connection too early.
Regards, Henrik