Firewall causing playstation 3 fragmented packets blocked!

Just wanted to post this as info for other RV220W users that have a PlayStation 3. By default, a setting is on in the firewall that blocks fragmented packets. With this setting on, even if the PS3 is in the DMZ, some games won't work, and if you test the PS3 connection it will tell you that either your router or service provider doesn't allow fragmented packets. It's under Firewall > Attack Prevention > check box "block fragmented packets".
The error from testing the connection on the PS3 is:
The router in use may not support IP fragments, and the communication features of some games may be restricted.
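
What a "block fragmented packets" setting has to match on the wire, as an added example that is not part of the original post: the sketch splits a UDP datagram at a 1500-byte MTU and applies the generic IPv4 test for a fragment (MF flag set or non-zero offset). The addresses, payload sizes and function names are constructed for illustration, and the RV220W's own implementation is not documented on this page.

```python
import socket
import struct

MF = 0x2000           # "more fragments" bit in the 16-bit flags/offset word
OFFSET_MASK = 0x1FFF  # 13-bit fragment offset, counted in 8-byte units


def split_into_fragments(ip_payload_len, mtu=1500, header_len=20):
    """Return (offset_bytes, data_len, more_fragments) per fragment."""
    # Every fragment except the last must carry a multiple of 8 bytes.
    max_data = (mtu - header_len) // 8 * 8
    frags, offset = [], 0
    while offset < ip_payload_len:
        data_len = min(max_data, ip_payload_len - offset)
        frags.append((offset, data_len, offset + data_len < ip_payload_len))
        offset += data_len
    return frags


def ipv4_header(data_len, ident, offset_bytes, more,
                src="192.0.2.10", dst="198.51.100.20"):
    """Build a 20-byte IPv4 header for test input (protocol UDP, checksum 0)."""
    flags_off = (MF if more else 0) | (offset_bytes // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + data_len, ident,
                       flags_off, 64, 17, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def is_fragment(header):
    """True for any piece of a fragmented datagram, including the last one."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    (flags_off,) = struct.unpack_from("!H", header, 6)
    # The last fragment has MF clear, so the offset must be checked as well.
    return bool(flags_off & MF) or (flags_off & OFFSET_MASK) != 0


def packets_dropped(udp_payload_len, mtu=1500):
    """(dropped, total) packets for one UDP datagram under a drop-fragments rule."""
    frags = split_into_fragments(udp_payload_len + 8, mtu)  # + 8-byte UDP header
    headers = [ipv4_header(n, 0x1234, off, more) for off, n, more in frags]
    return sum(is_fragment(h) for h in headers), len(headers)


if __name__ == "__main__":
    for size in (1400, 2000):   # constructed UDP payload sizes
        print(size, split_into_fragments(size + 8), packets_dropped(size))
```

A datagram that fits in one packet passes untouched, while one that needs two packets loses both of them, so the receiver can never reassemble it.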

[email protected] wrote:
> I am using Netware 6.5 sp1a and bm 3.8 sp1a.
>
> I recently deleted some unneeded packet filter exceptions using
> iManager. When my server was restarted over the weekend the firewall is
> not allowing packets in the exception list to pass through.
> I get a message on the logger screen that states:
> "nbm filewall failed to read configuration from ds"
> What is actually happening is all traffic is blocked as the exceptions do
> not seem to be working.
>
> I have checked ds and all looks healthy.
>
> Any ideas? I have been forced to disable filters on the public interface
> until I can fix the problem.
>
> Thanks,
>
Sorry but this is the wrong forum. You need to go to
novell.support.bordermanager.packet-filtering. This forum is for the
Novell Client Firewall that comes with BM 3.8
Brad

Similar Messages

  • CSS 11155 drops fragmented packets.

    My CSS 11155 WebNS 6.10 drops fragmented packets to VIP configured on a layer 4 rule.
    I have seen plenty on how to handle this with WebNS 7 but is there a way to handle this on version 6?
    Regards,
    Paul.

    I have found the link for troubleshooting the CSS 11155 hardware, please have a look at it.
    http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_installation_guide_chapter09186a00801760b3.html#wp1031725

  • Fragmenting packets over Ethernet to improve voice quality

    Setup:
    1750--Ethernet---Satellite Receiver---128K Sat Link---Sat. Recvr--Ether---1750
    Question:
    Since the Satellite Link is only 128K there will be a problem of Serialization Delay. Is there a way to fragment packets and Interleave over ethernet ? The same way it is done over Frame Relay or MLPPP.
    In this setup how does one lower down "Serialization Delay" ?

    rocampo,
    With a Satellite link, most of the latency will be travel time and not serialization delay. I would expect VoIP quality to be an issue, since the users will have to tolerate long delays and have to wait to make sure the person on the other end has actually finished speaking before starting to speak. VoIP packets are generally small enough that they are already at or near Ethernet minimum packet size of 64 KBytes, so they are not fragmented on Ethernet. However, you may want to look into the QOS / COS capabilities of your LAN switches. But the real issue for you will be the large amount of latency across the satellite link. Be sure to use QOS on the satellite link, to send along VoIP packets on a preferred basis over other less time sensitive traffic. And you may want to see if you can use RTP header compression on the Satellite link to shrink the size of VoIP frames.
    Regards,
    Rob Bristow
    AT&T Solutions
    CCIE #3335

  • Firefox causes my router to block google

    As of yesterday firefox causes my router to block google. There is no problem with IE8 or chrome on my computer and no other computer on the network has the same problem. Can anyone help? router has no blocking facility enabled and no mac address filtering.

    Firefox runs fine here on my 10.6.8 machine; what can occur, because a lot of browsers today are RAM hogs, is that FF's menu will freeze.
    If you close all browser windows, or command tab switch, you can then access the ForceQuit menu via the Finder or other program.
    Hard restarts are not good for the machine, my suggestion is you run through this list of fixes
    Uninstall all add-ons (some can cause a conflict) uninstall FF and reinstall, test FF in another account to see where the problem is located.
    Software on Macs is in three areas: OS X itself, Applications and User(s) accounts
    #1 you replace OS X and update so it's clean of anything corrupted or defective
    #2 you uninstall/reinstall the offending program + addons,
    #3 you then consider it's a User account issue/program support file in that one particular user
    Run through this fix it list, it covers everything.
    Step by Step to fix your Mac

  • Windows Server 2008 firewall. Inbound connection is blocked as outbound?

    I connect using "Computer Management" from computer A to computer B. Both computers are Windows Server 2008 x64 with all current hotfixes. The connection succeeds, and I don't even try to open any of the sub-snapins.
    But computer A (the connection source) logs the following event in its System Log:
    Log Name:      System
    Source:        Microsoft-Windows-DistributedCOM
    Date:          9/13/2008 8:59:58 PM
    Event ID:      10006
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      <Computer A name's here>
    Description:
    DCOM got error "2147944122" from the computer <Computer B FQDN's here> when attempting to activate the server:
    {03837521-098B-11D8-9414-505054503030}
    And computer B (the connection destination) logs the following two events (three times each) in its Security Log:
    Log Name:      Security
    Source:        Microsoft-Windows-Security-Auditing
    Date:          9/13/2008 9:00:11 PM
    Event ID:      5152
    Task Category: Filtering Platform Packet Drop
    Level:         Information
    Keywords:      Audit Failure
    User:          N/A
    Computer:      <Computer B name here>
    Description:
    The Windows Filtering Platform blocked a packet.
    Application Information:
     Process ID:  568
     Application Name: \device\harddiskvolume1\windows\system32\services.exe
    Network Information:
     Direction:  Inbound
     Source Address:  <Computer B IP's here>
     Source Port:  57144
     Destination Address: <Computer A IP's here>
     Destination Port:  63485
     Protocol:  6
    Filter Information:
     Filter Run-Time ID: 0
     Layer Name:  Receive/Accept
     Layer Run-Time ID: 44
    and
    Log Name:      Security
    Source:        Microsoft-Windows-Security-Auditing
    Date:          9/13/2008 9:00:11 PM
    Event ID:      5157
    Task Category: Filtering Platform Connection
    Level:         Information
    Keywords:      Audit Failure
    User:          N/A
    Computer:      <Computer B name here>
    Description:
    The Windows Filtering Platform has blocked a connection.
    Application Information:
     Process ID:  568
     Application Name: \device\harddiskvolume1\windows\system32\services.exe
    Network Information:
     Direction:  Inbound
     Source Address:  <Computer B IP's here>
     Source Port:  57144
     Destination Address: <Computer A IP's here>
     Destination Port:  63485
     Protocol:  6
    Filter Information:
     Filter Run-Time ID: 0
     Layer Name:  Receive/Accept
     Layer Run-Time ID: 44
    Well, I already know that events 5152 and 5157 are nearly the same, so we need to look only into one of them in each case. But what's next?
    It seems to me that the firewall here treats the initial connection and a response as two different connections. So it allows the initial connection (from A to B) because I have some rules in place that are supposed to allow remote management. But then it blocks the response (from B to A). In this case, looking into the separate connection from B to A, I guess, it should treat it as outbound and not filter at all. But it still calls it "Inbound" for some reason, applies some firewall rules and blocks it.
    Are my assumptions wrong? What is the explanation for this behaviour? How do I prevent the packets from being blocked?

    Many thanks. That sounds almost logical.
    Your statement regarding "no real reason to disable" is not exactly valid. There are myriad reasons to actually disable the service itself - one of which is other software that conflicts and sees the 'service' state, and not the 'profile state' of the firewall settings. Those products - let me give you at least one as an example... wait for it... wait for it... The 'infamous' SQL Server!
    Yes, pups and pupettes, that is correct - SQL Server does indeed give you a "false positive" during its pre-req checks and so forth; and tells you, "Oops, dear systems manager, your firewall service is still enabled... blah blah" - that's not the exact quote, but very close indeed. Does it bother to check and see that, "OH, well, you've got firewall disabled for ALL profiles, so all is cool?" Noooo, of course it doesn't. [Note to Microsoft, please fix this!]
    Now, it may be okay [at this point], since I already have SQL server properly installed, and past all the "pre-checks," to re-enable the firewall service; but, to just off-hand say "there's NO reason whatsoever to disable the firewall service;" well, that is just not correct.
    For that matter, there are many of us who completely 'remove' the service - yes, it can be done - and, yes, I have written a technical article on doing just that; and, no, it will NOT cause unpredictable results - [IF] done properly and [IF] all the technical whatcha-ma-jig-its are lined up with the North Star when Pluto is in retrograde.
    But, yes, it is best just to let policy take care of disabling the various levels of the firewall and then leave the service as-is, since Microsoft puts more and more hooks in their o/s.
    Thanks again.

  • WRT54GX2: TCP packets blocked (except SYN/SYN-ACK) to internet

    I'm using WRT54GX2 with latest FW 1.01.22 and I've been running into internet connectivity problems with one of my laptops (Toshiba MX35-S149 using Atheros). From this laptop DNS/ping works to the internet (UDP/ICMP) but all of the TCP data packets from the internet are being blocked by the router (I think). All of the other PCs continue to work with no problem.
    Rebooting the router (power cycle) causes things to work again for this laptop but after some time (15-20 minutes or so) once again the problem comes back. I've already spent about 3 hours with support on this but no luck.
    I did a packet capture on the laptop and any HTTP request shows TCP SYN, SYN-ACK packets but no data packets. The laptop continues to do the retransmission. At this point I can still PING and DNS resolve any of the names.
    The HTTP to the router's page (192.168.1.1) continues to work without any problem (still using the wireless NIC). Hard-wiring the laptop to router works fine.
    I asked the support if I can do a packet capture on the router itself but I was told "That is not possible".
    I'll add the packet capture files later today.
    Any help is appreciated as I don't think I'll get any help from the tech-support.
    TIA,
    Navras

    Interesting - I have a similar problem however I am trying to block packets going out. So you say that it allows the TCP for a little while then later it is blocked.
    Why are you trying to pass TCP into the computer specifically?
    Do you have a firewall on your laptop that you can check the logs of?
    I have been with support for my issue which is basically the BLOCKED SERVICES options are all greyed out. I need to block udp/tcp packets from going out on exactly the same router, same firmware as yours. They just read scripts from their help desk manuals and do not really seem to understand problems that are NOT in the scripts. Too bad I was hoping after cisco took over linksys would get better at customer support, not the other way.
    I saw a post previously that states that the same router DOES NOT HAVE the blocked services as a function. The manual and screen seem to indicate otherwise.
    Interesting...let us know what happens.
    danee

  • Firewall causes slow mDNS (Bonjour) Lookups

    I'm planning to upgrade our company's tiger server to leopard soon and for testing purposes I'm running Leopard server (10.5.5) on another machine. I've worked out most of the issues except for one major one.
    mDNS (Bonjour) lookups take about 60-90 seconds to resolve when the server's firewall is running. This is the same problem across lookups for any service (SSH via terminal, web, AFP). I don't plan to use mDNS on our network as the server will be running DNS for our LAN, but Time Machine backups always connect to the AFP share using the mDNS name rather than the server's Fully Qualified Domain Name. When this lookup takes such a long time it will more or less freeze the client system during this time.
    Client machines aren't running firewalls locally.
    This happens with both tiger and leopard clients.
    I have tried setting the firewall to allow all connections from "any" to "any" but it still doesn't work.
    I am not running DNS on the server but I have tried turning it on with still no luck.
    Here are the results from running "sudo ipfw list":
    00001 allow udp from any 626 to any dst-port 626
    01000 allow ip from any to any via lo0
    01010 deny log logamount 1000 ip from any to 127.0.0.0/8
    01020 deny log logamount 1000 ip from 224.0.0.0/4 to any in
    12300 allow tcp from any to any established
    12301 allow tcp from any to any out
    12302 allow udp from any to any out keep-state
    12303 allow tcp from any to any dst-port 53 out keep-state
    12303 allow udp from any to any dst-port 53 out keep-state
    12304 allow udp from any to any in frag
    12305 allow tcp from any to any dst-port 311
    12306 allow tcp from any to any dst-port 625
    12307 allow udp from any to any dst-port 626
    12308 allow icmp from any to any icmptypes 8
    12309 allow icmp from any to any icmptypes 0
    12310 allow igmp from any to any
    12311 allow esp from any to any
    12312 allow gre from any to any
    12313 allow udp from any to any dst-port 4500
    12314 allow ip from 192.168.15.0/24 to any via en0 keep-state
    12314 allow ip from 192.168.16.0/24 to any via en0 keep-state
    12315 allow udp from any 68 to any dst-port 67 via en0
    65534 deny log logamount 1000 ip from any to any
    65535 allow ip from any to any
    Note that this should block most services but allow machines on our internal subnets (192.168.15.0 and 192.168.16.0) to connect.
    Any help or advice will be greatly appreciated.
    Thanks.

    I have independently confirmed Baerner's results. Last week I installed ethereal and Wireshark from the fink project and traced the IPP data packets between my desktop client and the print server. Bonjour is definitely using IPV6 in Leopard for printing services.
    Reading the Wikipedia page, http://en.wikipedia.org/wiki/IPv6#Special_addresses, I used the ip6fw utility to add the firewall rule:
    *01101 allow ipv6 from fe80::/10 to fe80::/10*
    which allows link-local addresses to communicate with the server.
    Printing on the server works well with the new firewall rule. I just need to find out how to get the Server Admin tool to set the rule from the FireWall GUI.

  • VOIP VLAN using 802.1q frames causing massive dropped packets

    I have a MBP 2.16 connected via 1Gbps Ethernet to my corporate network. I also have a Cisco 7960 VOIP phone and it seems that 802.1q VOIP VLANs are causing the MBPro's Marvell Yukon Gigabit Ethernet adapter to drop 1326 packets out of 3559. It's absolutely unusable at my office, where my laptop is my main machine. I'm having to use my Compaq N610c to browse the Internet and read e-mail. Apple, please update the driver and save me!!!

    I'd check a few things: are you sure the switch that you are connected to is really at 1000Base-T? If it is a Cisco switch, I've seen all sorts of problems with auto-negotiation. I'd try to get your network administrator to "fix" the port at the speed you wish to run your network at (i.e. 100/1000) and make sure the duplex is set correctly on the MacBook Pro (make sure it is set to the same as the switch). Also ensure that jumbo frames are enabled on the Cisco switch and make sure the MTU is set correctly for your network. This involves some tweaking of the ethernet interface in the network preferences of OS X.
    Of course, if there are indeed 802.1q problems with the onboard NIC, then you could get your network administrator to disable .1q frames on the port that your MBP is connected to. You won't be able to use a "loop through" port on a VoIP phone if the phone relies on .1q trunking, so you'll need a port for the phone and a separate .1q clean port for the MBP.

  • Firewall caused ORA-12528

    I have installed Oracle DB 10g Release1 on a WinXPproSP2 machine for learning purposes (for a college course). I have 1gb of ram and it worked quite well.
    But I had a security problem (trojans mostly) and I had installed a firewall (http://www.jetico.com/). However, after installing that firewall, when I try to log in my SQL*Plus client says "ORA-12528: TNS Listener: All apropriate instances are blocking new connections"
    I got rid of the trojans (I hope!) and I uninstalled the firewall, but the Database connection still does not work. I have not changed my Oracle configuration since installing, but my "OracleDBConsoleoracle" service does not start either (other Oracle Services work fine - at least from the Windows Services Console).
    This is the error log from System-event log:
    Event Type:     Error
    Event Source:     Service Control Manager
    Event Category:     None
    The OracleDBConsoleoracle service terminated with service-specific error 2 (0x2).
    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Are these errors connected, or do I have 2 distinct problems?
    Would you advise me to uninstall Oracle?
    UPDATE: I've made a search with the terms firewall and 12528 and it turns out this error could be related to the firewall blocking some ports; but I have disabled Windows Firewall (turns out I forgot about it) and it still does not work.
    Message was edited by:
    user507163

    With zero substantive information about your environment, it is impossible to know for sure.
    But, if you've just set SHARED_SERVERS=0, for example, and your tnsnames.ora has a line in it that says (SERVER=SHARED), then your client is demanding the use of shared servers which don't exist. You can therefore expect the sort of error you're getting.
    The fix is to remove the explicit demand for shared servers in the tnsnames.ora. Just remove the line (or, not quite such good practice, set it to DEDICATED).

  • Cat3750-Metro-Not Pass Last Fragment Packet

    Hello,
    I have a Cat 3750 Metro at a customer. Although the customer is not using any metro feature, I am having a problem with passing packets greater than 4,9K: the switch is not passing the last fragment of the packet when the packet is routed; if the packet is switched, no problem.
    I have made an upgrade to the last (12.2.25.SEE) version and it did not resolve the problem.
    Does anyone have a clue?
    I will try to change the SVI to the physical interfaces (no switchport) to see if something changes?
    Thanks

    @prabodh:
    SQL> declare
      2  TYPE tab_person_id is of table of number(15) index by pls_integer;
      3  begin
      4  null;
      5  end;
      6  /
    TYPE tab_person_id is of table of number(15) index by pls_integer;
    ERROR at line 2:
    ORA-06550: line 2, column 23:
    PLS-00103: Encountered the symbol "OF" when expecting one of the following:
    ( array limited new private range record VARRAY_ char_base
    number_base decimal date_base clob_base blob_base bfile_base
    table ref object fixed varying opaque sparse
    The symbol "OF" was ignored.
    Check what you are posting.
    @ qwestion: What is your Database Version? It is an implementation restriction.

  • Firewall and IPv6, how to block ports?

    I am using free.fr in France, and IPv6 is enabled as part of the service. There are certain services running that were only accessible to the local network, but I now find that if I know the IPv6 address of the machine they are world accessible. I tried limiting services to be only accessible to the local machine, by adjusting the settings in the Firewall configurations in the system preferences, but the services still seem to be world accessible. Do the firewall configurations ignore IPv6? Is there any way to make it so that services are only available to machines in the local networks via IPv6? I suspect I am going to need a command line tool or a third-party tool, but I am willing to deal with this until Apple sorts this out through a security update (please?).
    The machine in question is a G4 based PowerMac, so I can't upgrade to 10.5.

    Hi Andre,
    The machine in question is a G4 based PowerMac, so I can't upgrade to 10.5.
    What speed is it? 867
    Leopard requirements...
    * Mac computer with an Intel, PowerPC G5, or PowerPC G4 (867MHz or faster) processor
    minimum system requirements
    * 512MB of memory
    * DVD drive for installation
    * 9GB of available disk space
    Not sure on IPv6, since the whole purpose seems to be to pinpoint individual computers to the whole world, but IPFW may still work...
    WaterRoof is a firewall management frontend with bandwidth tuning, NAT setup, port redirection, dynamic rules tracking, predefined rule sets, wizard, logs, statistics and other features...
    http://www.macupdate.com/info.php/id/23317
    See also...
    http://oreilly.com/pub/a/mac/2005/03/15/firewall.html
    http://tadek.pietraszek.org/blog/2007/05/01/adding-custom-firewall-rules-in-osx/

  • Comodo Firewall causes problems when adding music

    When I have Comodo Firewall installed (even when it's closed), I have trouble adding music to iTunes.  It hangs and adds one song every 10 minutes.  If I add more music to iTunes, it'll start adding the previous queue.  In Comodo, I've listed iTunes as a trusted program.  I have a pretty big library, but I think this is mainly a firewall program.  I've disabled Defense+.  There is not much help available in Comodo forums.

    Hi scooper,
    ... An answered the second part, I give a try to part one:
    * is the project located on your Mac's local drive or external?
    * is the iTunes library on the Mac's local drive or external?
    * is the "internet" (<<woohoo, bad kharma;-) ) music coded as aac, mp3 or aiff? or, something different, internet "standard", as ogg, wav, whatever?
    your Mac/iM tries to playback in realtime (sure, that makes sense with a movie...), but obviously has too much to do encoding the music...
    in case you own QTpro or a designated audio-app (Garageband, Audacity), try to convert the internet music (<<woohoo, bad kharma... ah, said that) BEFORE import to iM into aiff...
    in case of usage of external harddrives:
    make sure, the drive is "MacOsExtended" formatted, not FAT32... use Disk Utility to accomplish that (any reformatting erases all content!)
    pay the artists//respect local laws//get good kharma

  • Catalyst 3524 - Capturing fragmented packets

    Greetings,
    I have run into an interesting issue with a trunked connection to my ASA.
    Scenario: ASA-5510 connected to a Catalyst 3524 switch via a dot1q trunk. There are approximately 12 vlans configured and passing traffic.
    The ASA interface shows no errors; the Catalyst switch is incrementing runts fairly rapidly.
    From what I have read this typically is a cabling or hardware issue. We changed ports and cables on the Catalyst switch to rule out that side. Both ASA and Switch are set to Full Duplex/ Speed 100.
    From a troubleshooting perspective, I am limited on my packet captures due to the switch and/or my NIC hardware discarding 'bad' packets. I don't have access to a hardware packet capturing device or a NIC with that capability.
    To anyone's knowledge, is there a way to capture the packets being dropped at the switch port? I have a port monitor set up and have disabled "checksum offloading" on my NIC; so far that is the best I have come up with.
    It looks like the switch will increment the runts counter, but not log any of that info.
    I am eliminating any other port issues I see on the switch, but that hasn't made a difference so far.
    My apologies for the long post, but I do appreciate your patience and expertise!
    Thanks for your time!

    Thanks for the info - I will be able to use that for future troubleshooting!
    I have resolved the incrementing runts issue with an IOS upgrade on the switch (to current level for the Cat 3524).
    After the upgrade, the counters no longer increment. I was hoping this would be the case; we were just waiting for a maintenance window to complete the upgrade.
    Thanks again!

  • Win7 firewall blocking radius requests

    I have installed an open source radius server on my Windows 7 machine & I want to know why Windows 7 is blocking Radius server requests inbound? A device on my LAN sends an authorization request on UDP port 1645 towards the radius server. To confirm this, I put a packet sniffer just before the radius server to check the requests are coming inbound & I checked the port, so I'm certain it's coming in on 1645 (the actual request comes from a switch and the source and destination ports were the same in the capture). I therefore created an inbound rule to allow this through the Windows firewall but it doesn't appear to work. When the firewall is disabled, the authentication request is successful.
    I can't actually attach a picture, so I will just explain the rule as best I can:
    Accept inbound UDP port 1645 to any port. All profiles (domain, private, public), all programs, and all IP addresses
    I'd like to know if there is a way I can see a live feed of denied packets inbound so I can spot what is actually causing the problem 

    Look for a blocking rule. Windows Firewall might have created a blocking rule or there might be a different blocking rule causing the problem.
    Also turn on logging of dropped packets in the windows firewall so that you can see if it is the one dropping the traffic.

  • How to check whether local system has been blocked by firewall from program.

    I am a user in my LAN area. I don't have admin rights. In our LAN a few systems have been blocked by the firewall; others are not blocked.
    How can I check whether the local host is blocked or not by the firewall from a Java network program?

    You can execute some kind of firewall util (if any) and parse the output to get the configuration and check whether the address is blocked or not. But if you have no admin rights, it will not help you.
    Actually there is no clear way to detect whether a packet was blocked by the FW or just lost somewhere.
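
For the Win7 RADIUS thread above, where the answer suggests turning on logging of dropped packets: once logging is on, the drops can be read out of the firewall's text log. This is an added example, not part of the original threads; the log lines, addresses and function names are constructed, laid out in the `#Fields` format Windows Firewall writes to `pfirewall.log`.

```python
from collections import Counter

# Dropped-packet logging can be enabled with:
#   netsh advfirewall set allprofiles logging droppedconnections enable
# Default log: %systemroot%\system32\LogFiles\Firewall\pfirewall.log
# Constructed sample in that layout; addresses and times are made up.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-01-15 10:02:11 DROP UDP 192.168.1.2 192.168.1.10 1645 1645 98 - - - - - - - RECEIVE
2024-01-15 10:02:12 ALLOW TCP 192.168.1.10 192.168.1.50 49712 445 0 - 0 0 0 - - - SEND
2024-01-15 10:02:14 DROP UDP 192.168.1.2 192.168.1.10 1645 1645 98 - - - - - - - RECEIVE
2024-01-15 10:02:20 DROP TCP 192.168.1.77 192.168.1.10 51000 3389 52 S 123456 0 8192 - - - RECEIVE
2024-01-15 10:02:21 DROP UDP 192.168.1.10 192.168.1.255 137 137
"""


def parse_firewall_log(text):
    """Yield one dict per log entry, keyed by the names on the #Fields line."""
    fields = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif not line or line.startswith("#"):
            continue
        elif fields is None:
            raise ValueError("log entry seen before the #Fields header")
        else:
            values = line.split()
            if len(values) == len(fields):   # skip truncated lines
                yield dict(zip(fields, values))


def dropped_inbound(text, protocol, dst_port):
    """Count dropped inbound packets per source for one protocol and port."""
    hits = Counter()
    for rec in parse_firewall_log(text):
        if (rec["action"] == "DROP" and rec["path"] == "RECEIVE"
                and rec["protocol"] == protocol.upper()
                and rec["dst-port"] == str(dst_port)):
            hits[rec["src-ip"]] += 1
    return dict(hits)


if __name__ == "__main__":
    # RADIUS authentication requests on UDP 1645, as in the thread.
    print(dropped_inbound(SAMPLE_LOG, "udp", 1645))
```

If the expected source shows up here with DROP entries, the firewall is the component discarding the requests; if the log stays empty for that port, the packets are being lost elsewhere.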
