HTTP Chunking



  • Hello,

    I'm having an issue with a postage meter that requires http data chunking. Are there any controls in pfSense that would affect whether or not data chunking works? By default I'm allowing all outbound traffic.

    Thanks!



  • pfsense is a firewall - it passes packets, including TCP data.  TCP is a stream protocol, so there is not a valid concept of packets in that world.  If an application level protocol requires some sort of chunking it is up to it to implement.



  • Thanks for the reply.

    I guess maybe I wasn't clear. I'm not asking pfSense to implement "chunking". Rather, I was just asking if there was some sort of control within pfSense that could be preventing "chunking", done at the postage meter in question, from working. Perhaps in the end this works out to be effectively the same thing and hence your response.

    Thanks again.



  • Not that I am aware of, no.  I'm sure this is out of your control, but if the software in the postage meter can't cope with tcp data arriving in pieces, it's broken :(



  • That's pretty much what I was thinking.

    Thanks again for the replies.


  • Rebel Alliance Developer Netgate

    Unless you're using squid/squidguard/havp, nothing should be altering HTTP.



  • I'm assuming any issue he has is due to MSS causing tcp segments to the postage meter to arrive in pieces, which is just unavoidable :(



  • @jimp:

    Unless you're using squid/squidguard/havp, nothing should be altering HTTP.

    I'm not using squid, etc. I couldn't think of a reason HTTP would be altered but the troubleshooting procedure recommended by the postage meter manufacturer was to check the firewall to make sure "chunking" was allowed.

    I was pretty sure pfSense wasn't preventing it but just wanted to check with those much more knowledgeable than myself.



  • Maybe they meant something about fragmented packets.



  • Hmmm, could be, but whether it is fragmentation or TCP segments spanning packet boundaries, that is TCP and the postage meter is broken if it can't cope with this (although I have run into more than one application that was broken that way…)


Log in to reply