Could somebody explain this bit of log file?

Date/Time :2007-10-22 02:44:16
Severity :High
Reporter :Network Monitor
Description: Blocked by Protocol Analysis (Invalid Flag Combination)
Direction: TCP
Incoming Source: xx.xx.xxx.xxx:33391 Destination: xxx.xxx.xx.xxx:4562
Reason: ACK FIN RST is an invalid TCP flag combination

I have a feeling, though I can’t prove that as I’m not tech savvy, that this releated to utorrent that I’m running and it might explain why utorrent thinks my network settings are not correct even though I’m up/downloading normally.

Is this something that can be fixed … if it should be fixed that is?

Well, like the message says, that flag combination is invalid. There’s a list of valid TCP flags here

You might be able to glean some info from the uTorrent FAQ

While it is a malformed packet, it also looks like an attempt to send a TCP “reset” to break a connection. Malformed packets don’t occur in properly configured systems. That would mean this didn’t come from a normal system, so the source IP address is most probably forged.

Most likely related to “Sandvine” implemented by the ISP to break p2p traffic:

Sandvine is basically a QOS throttling/protocol balancing appliance for managing P2P apps within a given network.

You shouldn’t see any difference (other than an potential increase in speed) in transfers between another peer on the same network (ISP), but transfers outside your ISP’s network can be markedly slower (translated as “almost dead”).

Are you with comcast?

Ewen :slight_smile:

Sandvine does interrupt traffic by sending RSTs, it is not QOS. From the link above, there is a way to find out:

I never said Sandvine wasn’t used to interrupt traffic. It’s stated purpose is to ensure QOS for certaintypes opf traffic WITHIN a LAN. Comcast are using it to limit/prohibit/throttle certain types of traffic that cross the boundaries of the Comcast network. Sandvine, as implemented by Comcast, doesn’t apparently affect a P2P transfer between two peers who are both on the Comcast network, only when one of them, is outside Comcast’s network.

Same as a guns intended purpose is to keep peace, but …

It’s all in the implementation.

Ewen :slight_smile: