Resolved! The step that lead to resolution: # sysctl net.ipv4.tcp_window_scaling net.ipv4.tcp_window_scaling = 1 # sysctl net.ipv4.tcp_window_scaling=0 net.ipv4.tcp_window_scaling = 0 where it was explained to me: "It's just a limitation when dealing with window scaling and packet filters. The problem is the window scale factor is only present in the syn packets if it doesn't see both scale factors, it won't be able to determine what's inside the window anymore." and so it turns out I could sysctl net.ipv4.tcp_window_scaling=1 (as it was) once again, and simply modify my pf rule on the webserver/fw/gw by adding "keep state" to both inbound and outbound, and all is well with the world once again. Thanks to all for your suggestions and help. Cheers, -- Yashy -------- Original Message -------- Subject: [Re: odd partial content issue] Date: Fri, 14 Apr 2006 14:47:17 -0400 From: Yasholomew Yashinski <yashy [ at ] mail [ dot ] yashy [ dot ] com> To: ocuug [ at ] listserv [ dot ] storm [ dot ] ca Not having any luck from another mailing list, I thought I'd try this clueful bunch :) Thanks in Advance, -- Yashy -------- Original Message -------- Subject: [Re: odd partial content issue] Date: Wed, 12 Apr 2006 12:16:58 -0400 From: Yasholomew Yashinski <yashy [ at ] mail [ dot ] yashy [ dot ] com> To: yashy-hack [ at ] mail [ dot ] yashy [ dot ] com Update: I've narrowed the issue down to: -It's only between this specific host client, and this specific host server on port 80 (wget, curl, firefox, lynx). scp works fine for example. -Somewhere between l1 and l5 -It gets cut off before 4000 bytes each time and the issue is only replicated pulling off the host server to the host client. - When I boot the debian/client machine into knoppix, it works fine. - I can use lynx on the server machine and connect to the httpd on the client machine no problem - The client machine works on any other webserver I've tried - No other machines appear to have this trouble with this webserver Cheers, -- Yashy Yasholomew Yashinski wrote: > I'm still having the issue from my desktop to my own webserver. The > problem doesn't exist from other computers on my lan, or from other > clients against my webserver, at least in my testing. > > http://www.devrandom.org/p/7 > Here you can see a ethereal TCP stream of a request. Notice the odd: > Range: bytes=5816- > so it's asking for bytes 5816 on, for some reason (already got the first > part?) > At line 262 you see it gets choked off again > > http://www.devrandom.org/p/6 > Here you can see a manual attempt with telnet that just gets cut off, so > it doesn't appear to be the client. > > Tia, > > -- > Yashy >