I am having trouble with the 2.6.11 hardened-dev-sources netfilter. When
enabled, my ssh and https connections hang randomly. In the ssh sessions
if I press a key while it's hung, it sometimes will scroll all the missed
output and end up properly displaying content until the next hang, but
other times will totally freeze until the firewall at this office drops
the inactive connection. I have observed this happening from both my
office and my wife's which have totally different internet connection
setups, the problem follows my network and setup.

My network:
Gentoo Linux Firewall (hardened-dev-sources-2.6.11-r1)
Gentoo Linux Webserver (hardened-dev-sources-2.6.11-r1)

I've tried disabling every single iptables option in the kernel config
except the very minimal of options I need, but still no luck.

Another note, I run the kernel on the webserver with no loadable module
support, but neither the firewall nor webserver have any modules loaded,
all iptables options are enabled in the kernel.

Has anyone run across this? Anyone think of a solution? I reviewed the
2.6.11 changelog fully on kernel.org, but really didn't seem to see
anything that addressed this except possibly the NetROM issue in
2.6.11.5??

I am totally at my wit's end, here. This problem is just killing me, I've
been working at it for months now with no solution in sight.. :(

--
gentoo-hardened@g.o mailing list