The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]

Scripts / handy tips
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
  syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)
Author: Dan 
Date:   17-02-08 22:20

Ever seen these?

Feb 17 17:11:18 polo kernel: TCP: [10.55.0.67]:61883 to [10.55.0.23]:5666 tcpflags 0x11<FIN,ACK>; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)
Feb 17 17:11:22 polo kernel: TCP: [10.55.0.67]:59973 to [10.55.0.23]:5666 tcpflags 0x18<PUSH,ACK>; tcp_do_segment: FIN_WAIT_1: Received data after socket was closed, sending RST and removing tcpcb
Feb 17 17:11:22 polo kernel: TCP: [10.55.0.67]:59973 to [10.55.0.23]:5666 tcpflags 0x10<ACK>; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)

Silence them with:

sysctl net.inet.tcp.log_debug=0

NOTE: I found that adding this entry to /etc/sysctl.conf won't set this.

I'm on

FreeBSD polo.exmple.org 7.0-CURRENT FreeBSD 7.0-CURRENT #2: Wed Sep 19 11:34:09 EDT 2007 dan@polo.example.org:/usr/obj/usr/src/sys/POLO i386

--
Webmaster

Post Edited (26-03-08 21:21)
Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org


Servers and bandwidth provided by New York Internet, SuperNews, and RootBSD. Valid CSS and RSS.
Copyright © 1997-2012 DVL Software Ltd.
All rights reserved.